Skills Elevated: More Ways to Build Cyber Resilience

By Patrick Miller

At Ampyx Cyber, training has always been a cornerstone of how we help utilities and critical infrastructure organizations strengthen their cybersecurity and compliance posture. Our NERC CIP Bootcamp has been a flagship program for years, equipping professionals with the knowledge and confidence to navigate complex regulatory standards.

Now, we’re taking it further. We’ve expanded our training portfolio to meet a broader set of needs across the industry, providing new pathways for teams at every stage of their cybersecurity journey.

What’s New in the Training Lineup

  • NERC CIP Bootcamp
    Still the gold standard for anyone working with NERC Critical Infrastructure Protection standards. Over 3.5 days, participants gain a full-spectrum understanding of CIP-002 through CIP-014, learn from real-world audit scenarios, and build strategies for sustainable compliance.

  • Establishing a Cybersecurity Compliance Program
    For organizations building (or rebuilding) their compliance foundation. This course delivers a practical blueprint for standing up a defensible program aligned with frameworks like NERC, NIST, TSA, and NIS2 directives.

  • OT-CIP Vulnerability Management
    Vulnerability management in OT isn’t the same as IT. This course goes deep into CIP-010 requirements, risk-based decision-making, compensating controls, and strategies for when patching simply isn’t an option.

  • ICS PCAP Analysis Challenge (Free)
    A hands-on, self-paced challenge for analysts and engineers who want to sharpen their packet analysis skills in an industrial context. Participants dissect a simulated ICS network capture to uncover what really happened during a cyber incident.

Why We’re Expanding

The threat landscape is changing. So are regulatory expectations. From compliance teams needing structure, to engineers navigating vulnerabilities, to analysts sharpening their OT investigation skills, the demand for specialized, credible training has never been greater.

Our expanded portfolio means we can now meet those needs more directly, with courses that are practical, grounded, and field-tested. These aren’t checkbox trainings. They’re designed to prepare your team for the real challenges they’ll face defending critical systems.

The Bottom Line

Cybersecurity isn’t static, and neither is training. By expanding our offerings, we’re ensuring that utilities and critical infrastructure operators have access to the skills and insights they need. Whether that’s surviving a NERC CIP audit, building a compliance program from scratch, or learning to spot the telltale signs of an ICS attack hidden in a PCAP file.

Explore the full lineup here: https://ampyxcyber.com/training

 

Featured Posts

Featured
Skills Elevated: More Ways to Build Cyber Resilience
Skills Elevated: More Ways to Build Cyber Resilience

Ampyx Cyber is expanding its training portfolio with new courses designed for utilities and critical infrastructure teams. From NERC CIP Bootcamp to OT vulnerability management and ICS packet analysis, our offerings provide more ways to build cyber resilience with practical, field-tested learning.

Read More →
CIP-002-8, Decoded: Who’s In, Who’s Out Under the New 2.12
CIP-002-8, Decoded: Who’s In, Who’s Out Under the New 2.12

Upcoming NERC CIP-002 grid rules change which control centers fall under stricter cybersecurity protections. This post explains the new test in plain language, who is likely covered, and when local, load-serving areas can qualify for an exception. We also share a quick checklist to help utilities document what they have today and avoid surprises later.

Read More →
CIP-015-1 INSM: A Practical Playbook
CIP-015-1 INSM: A Practical Playbook

NERC CIP-015 makes east-west visibility inside the ESP mandatory. This playbook shows how to stand up INSM the right way through risk-based data feeds, ICS-aware anomaly detection, evaluation tied to incident response, and defensible evidence on a timeline to 10/1/2028 and beyond. Avoid common pitfalls and design now for the likely CIP-015-2 expansion.

Read More →
Building Blocks of OT Security Monitoring: A Deep Dive for SOC Builders and MSSPs
Building Blocks of OT Security Monitoring: A Deep Dive for SOC Builders and MSSPs

Learn how to build scalable, OT-aware security monitoring using (free, no cost) open-source tools like Security Onion, Wazuh, Malcolm, and The Hive. Whether you're launching a SOC or growing your MSSP, this guide covers deployment models, costs, timelines, and training to get you started fast - and smart.

Read More →
Testimony Before the U.S.-China Economic and Security Review Commission: Protecting U.S. Energy Infrastructure from Strategic Risks
Testimony Before the U.S.-China Economic and Security Review Commission: Protecting U.S. Energy Infrastructure from Strategic Risks

On April 24, 2025, Patrick Miller testified before the U.S.-China Economic and Security Review Commission on the growing cybersecurity and supply chain risks facing U.S. energy infrastructure. My testimony focused on how Chinese state-aligned actors are embedding themselves within critical systems and why securing our grid is essential to preserving America's economic leadership, technological advancement, and national security.

Read More →
Patrick Miller