Industrial Cybersecurity Trainings and Awareness

Implementing the right software-based protection tools is just one aspect of fully securing industrial facilities. Employee training is also critical – human error due to a lack of cybersecurity knowledge and awareness is the leading cause of cyber-incidents. Kaspersky offers short, intensive training courses for everyday users of computer-based systems as well as for IT/OT security experts, ICS operators and engineers. All courses are conducted face-to-face by our in-house experts, unless otherwise specified.

Basic Cybersafety

For all employees who interact with computerized systems on the industrial floor. Human error, resulting from a simple lack of cybersecurity knowledge and awareness, is the leading cause of cyber-incidents. Basic Cybersafety training and awareness changes attitudes and behavior, promoting a corporate culture where good cyber-hygiene practices are integral and instinctive. Employees don’t always recognize their personal responsibility for the safety of their working environment. Here, participants learn the importance of their own role in protecting against threats specific to their industrial environment, and how to work safely and responsibly in real world situations. A one-day intensive course, leading to certification.

Industrial Cybersecurity Games

Middle-management, in Finance or Procurement divisions, for example, may not be fully aware of their roles as stakeholders in corporate cybersecurity. Kaspersky Industrial Protection Simulation (KIPS) is a gripping online game which simulates real-world cyber-attacks on industrial automation systems, demonstrating the main issues associated with providing industrial cybersecurity. As participants react and interact, they discover how they themselves can potentially impact the issues involved, developing the skills needed to resolve them. Different versions of the game cover different industries –water treatment, for example, or power generation and transmission. The game can be played face-to-face, with an expert Game Master on hand, or fully online if preferred.

Industrial Cybersecurity in Practice

Specifically designed for those with who work hands-on with industrial control systems and equipment, and for those directly responsible for IT/OT Security. Lead by experts in the field, participants will gain a new insight into their current threat landscape and attack vectors specifically targeting their industrial environment, as practical scenarios are outlined and explored. By the end of the course, participants will be armed with all the skills needed to draw up their own effective incident response plan, including a basic understanding of malware analysis and digital forensics. This course includes highly customized elements, and can be adapted to run over one or two days as preferred.

ICS Penetration Testing for Professionals

Designed to develop and hone the skills of those specifically engaged in industrial systems penetration testing, including independent consultants and third parties as well as in-house pen testing professionals. When it comes to pen testing, industrial control systems and their related infrastructure offer unique challenges. A generic approach is of little use in such idiosyncratic and potentially hazardous environments. Working with our industrial pen testing ‘gurus’, participants will gain all the advanced skills needed to conduct comprehensive and thorough pen tests in industrial environments, and to make expert recommendations for appropriate remedial action as required. Certification included.

ICS Digital Forensics for Professionals

This course is suitable both for IT/OT Security Professionals already working with industrial systems and looking to develop their digital forensics skills, and for those already experienced in digital forensics in IT environments who are looking to move into ICS.

ICS presents many specific challenges and constraints when it comes to Digital Forensics. Tools and technologies developed for IT environments are often inappropriate or simply useless, so evidence collection, for example, becomes a manual process. Special attention must be given, too, to rapidly regaining control and returning the system or devices to a safe state.

Working with our Digital Forensics specialists, participants explore the unique aspects of ICS digital forensics, from identifying a genuine incident to data collection, examination, analysis and reporting in industrial environments, developing the hands-on skills and approaches required to become an expert investigator of ICS incidents and their implications.

Capture the Flag in ICS

Сapture the flag (CTF) contest is a competition for cybersecurity experts organized in the form of a game, in which the participants solve computer security problems. They must either capture (attack/bring down) or defend computer systems in a CTF environment.
CTF in ICS offers a good chance to introduce security specialists to modern attack vectors, kill chains and advanced tactics and technologies used by different cyber security expert teams from around the world. CTF also helps to test ICS equipment and system configurations or ICS security products and solutions, which are already used at an enterprise’s facilities or being considered for installation / upgrade. Register for 2018 competition and track the results.