Recommended Books, Training, and Conferences for Industrial Control Systems Cybersecurity

Recommended ICS Cybersecurity Books

Rise of the Machines: A Cybernetic History Although non‑technical, this book by Dr. Thomas Rid explores the history, implications, and usage of the term “cyber,” tracing its roots to control systems and cybernetics.

Handbook of SCADA/Control Systems Security Edited by Robert Radvanovsky and Jacob Brodsky, this collection presents articles from a wide range of community experts covering diverse topics.

Protecting Industrial Control Systems from Electronic Threats Authored by Joe Weiss, this work reflects his long‑standing involvement in the field and his influence on mainstreaming ICS security.

Industrial Network Security Eric Knapp and Joel Langill focus on the network‑security aspects of ICS, offering a practical resource on technologies and protocols.

Hacking Exposed: Industrial Control Systems Provides a penetration‑testing perspective on assessing ICS safely, written by Clint Bodungen, Bryan Singer, Aaron Shbeeb, Kyle Wilhoit, and Stephen Hilt.

Recommended Professional Training

You don’t need certifications to excel, but they can help with job opportunities, raises, or skill polishing. It’s advisable to learn extensively before attending a class and, if possible, have an employer cover the cost. Below are two SANS‑offered courses I recommend, plus a popular community class.

SANS ICS 410 – ICS/SCADA Essentials A bridge course for security professionals entering the ICS domain or vice‑versa, providing an introduction to ICS cybersecurity.

SANS ICS 515 – ICS/SCADA Active Defense and Incident Response Authored by the article’s writer, this class teaches targeted threat hunting and incident response for nation‑state and well‑funded adversaries in the ICS environment.

CYBATI Led by Matt Luallen, this hands‑on class includes the CYBATIworks kit and is widely respected in the community.

Recommended Conferences

Engaging with the community through research, writing, and presentations is vital. The following five conferences are the major general‑ICS cybersecurity events.

SANS ICS Security Summit Long‑standing conference focusing on education and training, typically held in March at Disney World, Orlando, Florida.

DigitalBond’s S4 Premier research‑focused conference organized by Dale, with U.S. events in January (Florida) and additional venues in Europe and Japan.

The ICS Cyber Security Conference (WeissCon) Founded by Joe Weiss, now run by SecurityWeek, usually in October across various U.S. locations, with strong government and vendor participation.

The ICS Joint Working Group (ICSJWG) Free DHS‑hosted conference held twice a year, recommended as an introductory event before attending the larger conferences.

4SICS Annual European conference in Stockholm, Sweden (October), gathering a broad spectrum of ICS professionals and researchers.

This is a small collection of many valuable resources; it will be updated as new materials appear. Stay active in the community, teach yourself, and contribute—experts are often specialists, and the community welcomes new participants.