Cyber Skills for OT/ICS
Specialized Education for Critical Infrastructure Professionals
Ampyx Cyber delivers practical, relevant, and expertly designed cybersecurity training for those who safeguard industrial systems and critical infrastructure. Whether you’re defending the bulk electric system, securing operational technology, or preparing for compliance audits, our training programs equip you with the tools, knowledge, and confidence to lead in a complex threat environment.
Why Learn with Ampyx Cyber?
Built from real-world mastery. Our instructors are hands-on practitioners with decades of experience in the field. Not just theory, but battle-tested expertise.
Focused on critical infrastructure. We teach what matters most to power utilities, energy companies, manufacturers, and industrial operators.
From foundational to advanced. Whether you’re new to cybersecurity or looking to deepen a specialized skill set, our training grows with you.
From the Control Room to the Boardroom
Training Built for the Real World.
Available Courses
NERC CIP Bootcamp
Our flagship course, this intensive 3.5-day bootcamp is designed for professionals who need a comprehensive understanding of the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards. Covering CIP-002 through CIP-015, the course breaks down each requirement with practical examples, compliance strategies, and field-tested insights. Participants will learn how to determine impact ratings, navigate Low vs. Medium/High obligations, handle audits, and build documentation that holds up to regulatory scrutiny. The training also includes a regulatory forecast to help organizations stay ahead of potential changes. Whether you're new to CIP or need a structured refresher, the Bootcamp equips you with the tools and context to build, manage, or improve your compliance program. Ideal for compliance managers, cybersecurity professionals, engineers, and legal or regulatory staff involved in CIP implementation or oversight.
ICS PCAP Analysis Challenge
In this no-cost, self-paced, hands-on challenge, participants are given a full packet capture (PCAP) file from a simulated industrial control system (ICS) incident and tasked with analyzing the network traffic to uncover what happened, how, and why. This scenario-based exercise encourages participants to think like both a threat analyst and an investigator, reconstructing timelines, identifying malicious behaviors, and drawing actionable insights from raw packet data. The lab environment simulates a realistic industrial setting, with industrial protocols and OT-specific context. It’s designed to sharpen skills in threat hunting, incident response, and OT network awareness. Great for SOC teams, incident responders, engineers, and security professionals looking to build or reinforce their ability to analyze ICS traffic in high-stakes environments. Bonus: It’s free and can be done on your own time.
OT-CIP Vulnerability Management
Operational Technology (OT) environments face unique challenges when it comes to vulnerability management, patching isn’t always possible. And risk can’t be treated the same way as IT systems. This course is tailored for organizations operating under NERC CIP requirements, especially CIP-010, and focuses on building a risk-based OT vulnerability management program that works in the real world. Participants will explore asset identification strategies, approaches to network segmentation, vulnerability scanning methods that respect operational constraints, and the documentation of compensating controls and mitigation plans. The course also addresses how to manage patches when OEMs are unresponsive or when downtime is not an option. Whether you’re in compliance, engineering, or cybersecurity, this course will give you the tools and vocabulary to make, and defend, smart, risk-informed decisions.
Cyber Compliance Foundations
Creating a cybersecurity compliance program from the ground up can be daunting, especially in highly regulated or rapidly evolving environments. This course provides a step-by-step blueprint for building a sustainable and defensible cybersecurity compliance program aligned with common regulatory frameworks such as NERC CIP, NIST 800-53, TSA Security Directives, and others. Topics include governance structure, policy development, role clarity, risk alignment, and how to establish evidence practices that survive audits. You’ll learn how to assess maturity, map technical controls to regulatory obligations, and build internal support across departments. Whether you're launching a program, rebuilding after a gap, or integrating new requirements, this course will help you translate compliance theory into actionable, enterprise-ready strategy. Ideal for CISOs, compliance leads, governance and risk managers, and project sponsors.
Onsite Option
If you have at least 10 people you’d like to take the class, we can bring the course to you.
Cost Savings
No travel or lodging expenses. Eliminates airfare, hotel, and per diem costs for each participant.
Reduced downtime. Attendees spend less time away from work and family, avoiding multi-day travel.
Larger team participation. You can train more staff at once for a fraction of the cost of sending them individually.
Team Cohesion
Cross-department participation. Operations, compliance, cybersecurity, and engineering can attend together to build a shared understanding.
Consistent knowledge base. Everyone hears the same explanations and interpretations, reducing internal misalignment.
Improved communication. Working through mock audits and scenarios together strengthens interdepartmental collaboration.
Operational Continuity
Minimal disruption. Team members can step away as needed for urgent operational issues.
No shift coverage strain. Easier to accommodate shift workers or 24/7 operations without backfilling multiple days away.
Familiar environment. Training takes place in a comfortable, known setting that supports focus.