Our portfolio of online courses and online learning content on Industrial Security covers a wide range of topics. We cover both the basic concepts of the relevant IEC 62443 standard and specific recommendations for action, explanations of technical principles and practical examples. The portfolio also includes cybersecurity for the office environment, functional safety and topics related to the European General Data Protection Regulation (GDPR). Our portfolio of online learning content is the starting point for creating tailor-made training courses for your company and your employees. The content in this area was developed with more than 20 companies and institutions. Members of the Industrial Security working group in the VDMA, Fraunhofer, Siemens, Rhebo, Goethe University Frankfurt, HiSolutions and Pepperl + Fuchs, among others, share their specialist knowledge of cybersecurity in industry.
Our portfolio is the basis for:
- Programs for specific companies and target groups based on preconfigured courses
- Courses that we configure and combine granularly from existing content according to your needs
- Programs that use a combination with your company's own content
Our cooperation partners
We offer content that was developed with experts from various companies and institutions in the field of Industrial Security. Here are some examples of the contributing partners and experts:
Steffen Zimmermann
Klaus Mochalski
David Fuhr
Dr. Andreas Hildebrandt
Christian Haas
Dr. Pierre Kobes
We cover the following themes with our portfolio:
What basic knowledge about cybersecurity in the office environment can my employees acquire?
- Current threat situation
- Security goals: confidentiality, integrity, availability
- Attack types & attacker types
- Cyber kill chain model
- Social engineering
- Access control & secure passwords
- Malware protection
- Phishing & spear phishing protection
- Updates & patches
- Secure data storage & backups
- Security in cloud systems & software
- Safe internet browsing
- Confident use of social media
- Clean desk principle
- Incident reporting
What basic knowledge about industrial security can my employees acquire?
- Basics of industrial control systems: sensors & actuators, PLC, SCADA, MES, ERP
- Basics of systems in IT networks and cybersecurity
- Introduction: demilitarized zone
- Current threat situation
- Attack types & attacker types
- ICS cyber kill chain
- Objectives of industrial security: availability, integrity, confidentiality
What can my employees learn to be able to prevent cyberattacks in an industrial environment?
- Information security management system
- Risk analysis
- Network segmentation
- Account management
- Secure protocols
- Protection of radio technologies
- Secure remote maintenance
- Secure product lifecycle, vulnerability management, patch management, end-of-support & phase-out management
- Component hardening, adaptation and testing of components & dispensing with superfluous functions
- Cryptography, public key infrastructure & hash functions
- Isolation techniques / virtualization
- Securing databases & historians
- Protection of interfaces
- Security at suppliers and subcontractors
- Security of OPC UA
- Security of MQTT
- Security of 5G
- Social engineering
- Penetration tests
What can my employees learn to be able to detect cyberattacks in an industrial environment?
- Monitoring & attack detection
- Anomaly detection
What can my employees learn to be able to react to cyberattacks in an industrial environment?
- Incident management
- Restoration
What can my employees learn about the legal framework and standards for security?
- Introduction of IT Security Act, EU Cybersecurity Act & NIS Directive
- Introduction of the ISO / IEC 27000 series of standards
- IEC 62443: structure & overview, holistic security management, protection levels, defense-in-depth, security control classes
What can my employees learn about embedded system security?
- Introduction of security for embedded systems
- Attack models & attack vectors
- Non-invasive & invasive hardware attacks & protective measures
- Software attacks & protective measures
- Security in the development process: automated tests, penetration tests, bug bounty programs, organizational measures
What can my employees learn about the EU General Data Protection Regulation?
- Introduction of the EU General Data Protection Regulation
- Principles of the GDPR
- EU validity & scope
- Personal data
- Lawfulness of processing
- Duties & Rights
- Directory of processing activities
- Risk assessment & impact assessment
- Order data processing within the EU & in third countries
- Data breaches & information obligation in the event of data breaches
- Information obligations & rights of data subjects
- Deleting data
What can my employees learn about functional safety?
- Hazard & risk analysis: HAZOP / PAAG, risk matrix, calibrated risk graph
- Systematic & random errors
- Basic concepts: Safety Instrumented Function (SIF), Safety Instrumented System (SIS), Safety Integrity Level (SIL), Probability of Failure on Demand (PFD), Probability of Failure per Hour (PFH), Proportion of Safe Errors (SFF), redundancy
- Methods of error control: Hardware Failure Tolerance (HFT), Fail-Safe-Design, diagnostic coverage
- Operational reliability
Have a look at some content examples from our offering:
Beispiele: Online-Kurse Industrial Security
Industrial Security Basics | DE/EN | 6 Chapters | approx. 2 h
Industrial Security Basics introduces the topic of industrial security. You will learn why there is such a great need for action in the field of industrial security and about the cornerstones of implementation. You will also get an overview of methods and technologies to make IT secure in the industrial sector. In this course, you will get insight from experts at Siemens, Fraunhofer, Rhebo and the VDMA.
Social Engineering | DE | 3 Chapters | approx. 1.5 h
Social Engineering provides an introduction to social engineering with a focus on how social engineering attacks work and which protective measures can be taken by companies and their employees to prevent such scenarios. This course is particularly suitable for awareness training of employees. This course was created in cooperation with experts from Goethe University Frankfurt.