Trust No File. Trust No Device.

Trust Your Knowledge.

Content
Introduction
Industrial Zero-Day Threat
The Issue to Address
The Mission of OPSWAT Academy
OPSWAT Academy Courses
OPSWAT Academy Certification Program
About OPSWAT

1
Introduction
It has almost been a decade since Stuxnet
put critical infrastructure cybersecurity on the
map. Since then, all 16 critical infrastructure
sectors identified by the U.S. Department of
Homeland Security have been forced to adapt
to the new norms of maintaining mission-
critical operations and business continuity
under constant threat of cyberattack.
Despite the expanded focus on risk
reduction, – including advanced technology
implementation, workforce training, enforceable
industry implementation, and federal security
regulations – cybercrime targeting critical
infrastructure sectors continue to accelerate in
both complexity and frequency.
Control systems that act as the “brain”
within mission-critical environments are
both inherently and increasingly vulnerable
to actions of nation state supported actors,
hacktivists, and internal threats. Attacks
on critical infrastructure are sometimes but
not exclusively motivated by financial gain.
Reputational and operational disruption,
as well as fear, nation-state espionage,
antipathy, and ideology are also strong drives.
To maintain the everyday functioning of these
critical infrastructures and hence countries
and states, threats and issues posed by
cybercriminals and bad actors must be
properly addressed.
2
Industrial Zero-Day Threat
It has already become obvious that today
no Critical Infrastructure Protection (CIP)
vulnerability is greater than the constant
cybersecurity skills gap. But why is the lack
of competent people such a vulnerability?

Within the 16 critical infrastructure sectors,

the confidentiality, integrity, and availability
of networks, systems and equipment is of
utmost importance. Unexpected downtime
is not only unacceptable, but it can be
dangerous, destructive, and costly as well.
The same can be said for unauthorized
access, as it can be very difficult to find the
adversaries’ footprint and root them out
once they have bypassed security controls,
entered a given system or network, and
inflicted damage.

Simply put, it is because of such high risks

that critical infrastructure organizations
need an abundance of qualified, highly
skilled cybersecurity professionals 24/7/365
to help identify, prevent, mitigate, and
remediate threats of all types.

To meet this demand, CIP cybersecurity

workforce training must evolve by focusing
much less on concepts and theories and
much more on practical workforce training
and development. This is what our more
than 1,400 critical infrastructure customers
around the world have been telling us and
asking from us. And hence OPSWAT Academy
was born.

3
The Issue to Address
To date, several non-profit and company-
driven certifications and professional
training courses have been introduced to
help educating aspiring CIP cybersecurity
professionals and retrain the existing
workforce with the skills necessary to protect
industrial environments. Unfortunately, such
educational opportunities are not producing
enough job-ready employees or properly
empowering those already being employed
with practical, real-world, and up to date
knowledge.
With demand for skilled critical infrastructure
cyber professionals at an all-time high and
growing strong, the cybersecurity industry
must evolve how it trains existing and future
workforce by focusing more on teaching
the practical applications of technologies,
processes, and procedures and less on
abstract theories and concepts.
To prepare employees for a career in the field
of CIP cybersecurity and to help continuously
educating existing staff, training programs must
evolve to focus on the practical processes and
technologies, as well as interoperability with
existing IT security infrastructures.
4
The Mission of OPSWAT Academy
OPSWAT Academy is a self-paced online educational
and training program by OPSWAT Inc. to help
addressing the CIP cybersecurity skills shortage
through courses that promote best practices and
practical approaches successfully implemented
in the most vital and secure critical infrastructure
environments.

At OPSWAT, our philosophy is to trust no file, trust no

device. That’s why all OPSWAT Academy courses are
grouped by those that can help CIP cybersecurity
professionals become proficient in the technologies
and processes that can lead them to eventually –
based on their knowledge gained at the Academy
– trust files, trust devices, and trust their own
knowledge.

If you want to know more about

OPSWAT Academy in detail, please visit
opswatacademy.com!

5
OPSWAT Academy Courses
The courses of OPSWAT Academy come
in two flavors. The Associate Courses are
designed to introduce and teach the basics
of CIP and cybersecurity to rookies and
those who are interested in this industry,
while the Professional Courses are for field
proven veterans who would like to expand
their knowledge on CIP and the products and
services of OPSWAT Inc.

Since the Course Program is a self-learning

online platform – with some minor restrictions
in the course order – you can take any of the
Associate Courses, watch them anytime,
and stop and resume the material at your
convenience. The Professional Courses come
at a fee therefore only those students can take
part in these courses who purchased them.

ASSOCIATE COURSES
• Introduction to Critical Infrastructure
Protection (ICIP)
• OPSWAT File Security Associate (OFSA)
• OPSWAT Data-Transfer Security Associate
(ODSA)
• OPSWAT Secure Storage Associate (OSSA)
• OPSWAT Legacy-System Security Associate
(OLSA)
• OPSWAT Web-Traffic Protection Associate
(OWSA)
PROFESSIONAL COURSES
• OPSWAT Meta Defender Core Pro (OMCP)
• OPSWAT Email Security Associate (OESA)
• OPSWAT Boot Camp – Kiosk Tier 1 – Linux Kiosk (L1001)
• OPSWAT Endpoint Compliance Associate
(OECA) • OPSWAT MetaAccess Pro (OMAP)
• PSWAT Network Security Associate (ONSA) • OPSWAT MetaAccess NAC Pro (OMNP)

6
OPSWAT Academy
Certification Program
After successfully concluding any of the Associate
or Professional Courses, the graduate receives a
certification about the course he/she has taken.
These certifications are currently certified by
OPSWAT Inc., but the Academy is currently working
towards accreditation with the International
Information System Security Certification
Consortium (ISC)² and is in an application for
credits for the Certified Information Systems
Security Professional (CISSP) exam prerequisite.

As protecting critical infrastructure against

cybercriminals and bad actors is a constantly
evolving arms race, the knowledge that helps
you protecting your company today will probably
be outdated tomorrow. So that is why OPSWAT
Academy is constantly updating its courses and
urges graduates to retake each one of them
periodically as all certifications expire after a year.

The aim of the Academy Certification Program is

to provide better chances for job seekers,
possibilities for career advancement, and
better selection opportunities for employers
and companies specifically looking for CIP and
cybersecurity professionals.

Moreover, all certifications can be directly shared

on LinkedIn or through Credley badge-sharing
community.

About OPSWAT
We believe that every file and every device pose a threat therefore we trust no file
and trust no device. That is why the mission of OPSWAT is to protect the world’s
critical infrastructure by eliminating malware and protecting against zero-day
attacks and cybercriminal acts. OPSWAT products and services focus on threat
prevention and process creation for secure data transfer and safe device access.
The results are productive systems that minimize risk of compromise. That’s
why 98% of U.S. nuclear power facilities trust OPSWAT for cybersecurity and
compliance.

If you wish to learn more about OPSWAT Inc., please visit www.opswat.com! 7