Why Focus on industrial security
The increasing digitalization of industrial production facilities in the context of Industry 4.0 and Industrial IoT makes dealing with security in the production environment necessary for managers and employees of manufacturers, integrators and operators. Industrial security is immensely important in order to ensure a permanently secure and reliable operation of networked plants. This is not only about technical solutions, but also about processes and the behavior of people. Training employees at scale and educating subject matter experts is a huge implementation task.
OT-Security Needs Training
Reports of devastating cyber security incidents in companies are never-ending : By now everyone knows it is no longer a question of whether they will be hacked, but when they will be hacked. How can companies best protect themselves and prepare for potential incidents in the future in order to avoid severe damage?
Create risk awareness among your employees for the threat to your industrial facilities, and embed procedures to be prepared for the “worst case scenario”.
In manufacturing companies, all areas and hierarchical levels need knowledge and expertise in industrial security in order to ensure the reliable operation of networked systems and to be able to react correctly in the event of an attack.
Plant manufacturers, machine builders, integrators, manufacturers of automation technology, and service providers in the field of production also need to develop skills in this area.
WHAT YOUR EMPLOYEES NEED TO KNOW
- Understand threat scenarios of IT attacks on industrial plants
- Know typical types of attacks and their methodical sequence of events
- Identify and systematically assess attack risks
- Recognize threats in your own system and take action
- Be familiar with the legal framework and liability risks
OUR TRAINING PORTFOLIO INDUSTRIAL SECURITY
BasiC Training Industrial Security
Basic introduction to industrial security. Provides first foundational knowledge about requirements, methods and tools to protect machines and production sites.
Learning Goals
- Industrial Security: Threats, goals & special requirements
- Concepts: Defense-in-depth, IEC 62443, Zero Trust
- Identify: Asset management, risk, risk management
- Protect: Network, access control, endpoints, product lifecycle,
- Basic introduction to detect, respond, recover
Typical target audience
- All employees in production sites
- All employees who develop or work with manufacturing equipment (e.g., from engineering or automation companies)
Format
- 6-week program, approx. 2h per week
- 9h self-paced online content
- Kick-off and 3 Q&A live sessions (1h each) with experts to discuss online content and its practical implementation
The training has a weekly rhythm with a mix of self-paced online content and live sessions. Time investment is approx. 2h per week. This is what the program schedule looks like:
Introduction IEC 62443 Training
Learning Goals
- Special requirements cybersecurity and threat situation in OT
- Structure, content and objectives IEC 62334
- Differences and similarities to ISO 27001
- Impact of IEC 62443 on development and production
- Implementation of IEC 62443
Typical target audience
- Members of CISO team that have to implement IEC 62443
- Engineers and security experts in productions sites
- Product engineers and manager in automation companies
Format
- 6-week program, approx. 3h per week
- 5h self-paced online content
- 6 live events (2h each) with our expert Pierre Kobes (lectures, group discussions, exercises and Q&A)
The training has a weekly rhythm with a mix of self-paced online content and live sessions. Time investment is approx. 2h per week. This is what the program schedule looks like:
our Partners AND TRAINERS
The content in this section was developed with more than 20 companies and institutions. Among others, members of the industrial security working group in VDMA, Fraunhofer, Siemens, Rhebo, Goethe University Frankfurt, HiSolutions as well as Pepperl+Fuchs share their expertise on cybersecurity and IT & OT security in industry, e.g., in the security awareness training.
We work with a number of experienced trainers who bring practical experience from the field. Here’s an example:
Pierre Kobes, our partner in IEC 62443, worked for SIEMENS AG for over 40 years and was responsible for standards, regulations and certifications for Siemens DI. He was involved in the development of most of the ISA/IEC 62443 documents as well as in several projects implementing the ISA/IEC 62443 standard within Siemens DI. Pierre Kobes continues to work on the further development of ISA/IEC 62443.
