When it comes to learning operational technology (OT) cybersecurity, nothing compares to rolling up your sleeves and working directly with the systems you’ll one day be tasked with protecting. TAC’s Operational Technology BoOTcamp is designed to give cybersecurity professionals a rare opportunity: to move beyond theory and truly engage with the challenges, technologies, and thinking patterns that define OT security.
Q&A with TAC’s Cybersecurity Curriculum and Training Instructor
To understand what makes TAC’s OT BoOTcamp stand out, we spoke with Payton Buss, Cybersecurity Curriculum and Training Instructor at TAC. Payton has guided countless students through the program, blending technical expertise with a passion for making complex OT concepts click. In this conversation, she shares how the course is structured, the kinds of students who thrive in it, and the “aha moments” that keep learners engaged from start to finish.
Q: How do you balance theory with hands-on practice throughout the week?
A: The class is organized into roughly 30 minutes of theory lecture immediately followed by learning tasks where students apply their learning.
Q: What kind of student backgrounds benefit the most from this program?
A: Students with a background in cybersecurity who want to start learning about OT cybersecurity.
Q: How do you simulate real-world OT challenges in the exercises?
A: All of the activities are scaled-down versions of real-world examples. When learning about PLCs, students wire and program microcontrollers to control a physical output and use PLC coding languages. When defending and attacking, students work with live data from their created plant to showcase a scaled-down example of what they might see in the wild.
Q: By the end of the week, what core skills should students feel confident in?
A: Students should be able to:
- Identify core differences between OT and IT cybersecurity
- Explain the various goals and concerns unique to OT systems
- Have productive conversations with invested parties to start securing OT networks
Q: Can you share an example of a past student “aha moment” during the course?
A: While learning about the Purdue Model, one student mentioned that despite having learned the model, it wasn’t until this course that they grasped the idea of how each layer is supposed to communicate with the others. By adding concrete examples and forcing them to reason and work with the model, the concept finally “clicked” for them.
While completing the attack and defend, one student was struggling to interpret the results they were getting from reading in the holding registers. After a minute of puzzlement and thinking aloud, they figured out what they needed to look for and were able to explain the importance of understanding the engineering design in their attack.
What Students Are Saying
The impact of TAC’s OT BoOTcamp is best captured in the words of past students:
“Absolutely beneficial and a great resource for expanding your OT knowledge. You can see the real-world application as well.”
— Taylor TheBarge, GuidePoint Security
“I loved this class. I recommend it because it covers a vital part of technology that is often overlooked. My favorite scenario was the Easy Bake Oven because I could see my ladder code in action and received a cookie.”
— Larry King, DynaTrace
“I really enjoyed the course. I was expecting something related to programming but was pleasantly surprised with the cyber info and all of the hands-on activities. I enjoyed the oven plant hacking scenario. We got to see an attack from all perspectives: attacker, defender, and operator.”
— Thomas Jacobs, COPT Defense Properties
Ready to Take the Next Step?
TAC’s OT BoOTcamp is more than a class, it’s a training experience that prepares cybersecurity professionals to face the unique challenges of securing industrial and critical infrastructure systems. Whether you’re an individual looking to expand your expertise or a team aiming to strengthen your OT security posture, this course provides the knowledge and confidence to make an immediate impact.
