IT- & OT-Security Training

Our portfolio of online courses and online learning content on Industrial Security covers a wide range of topics. We cover both the basic concepts of the relevant IEC 62443 standard and specific recommendations for action, explanations of technical principles and practical examples. The portfolio also includes cybersecurity for the office environment, functional safety and topics related to the European General Data Protection Regulation (GDPR). Our portfolio of online learning content is the starting point for creating tailor-made training courses for your company and your employees. The content in this area was developed with more than 20 companies and institutions. Members of the Industrial Security working group in the VDMA, Fraunhofer, Siemens, Rhebo, Goethe University Frankfurt, HiSolutions and Pepperl + Fuchs, among others, share their specialist knowledge of cybersecurity in industry.

Our portfolio is the basis for:

Our cooperation partners

We offer content that was developed with experts from various companies and institutions in the field of Industrial Security. Here are some examples of the contributing partners and experts:

Steffen Zimmermann

Head of Industrial Security, VDMA

Klaus Mochalski

CEO & Founder, Rhebo GmbH

David Fuhr

Head of Research, HiSolutions AG

Dr. Andreas Hildebrandt

Head of Training, Pepperl+Fuchs AG

Christian Haas

Group Leader Industrial Cybersecurity, Fraunhofer IOSB
Industrial Security Expert Dr. Pierre Kobes

Dr. Pierre Kobes

Dr. Kobes Consulting

We cover the following themes with our portfolio:

  • Current threat situation
  • Security goals: confidentiality, integrity, availability
  • Attack types & attacker types
  • Cyber ​​kill chain model
  • Social engineering
  • Access control & secure passwords
  • Malware protection
  • Phishing & spear phishing protection
  • Updates & patches
  • Secure data storage & backups
  • Security in cloud systems & software
  • Safe internet browsing
  • Confident use of social media
  • Clean desk principle
  • Incident reporting
  • Basics of industrial control systems: sensors & actuators, PLC, SCADA, MES, ERP
  • Basics of systems in IT networks and cybersecurity
  • Introduction: demilitarized zone
  • Current threat situation
  • Attack types & attacker types
  • ICS cyber kill chain
  • Objectives of industrial security: availability, integrity, confidentiality
  • Information security management system
  • Risk analysis
  • Network segmentation
  • Account management
  • Secure protocols
  • Protection of radio technologies
  • Secure remote maintenance
  • Secure product lifecycle, vulnerability management, patch management, end-of-support & phase-out management
  • Component hardening, adaptation and testing of components & dispensing with superfluous functions
  • Cryptography, public key infrastructure & hash functions
  • Isolation techniques / virtualization
  • Securing databases & historians
  • Protection of interfaces
  • Security at suppliers and subcontractors
  • Security of OPC UA
  • Security of MQTT
  • Security of 5G
  • Social engineering
  • Penetration tests
  • Introduction of IT Security Act, EU Cybersecurity Act & NIS Directive
  • Introduction of the ISO / IEC 27000 series of standards
  • IEC 62443: structure & overview, holistic security management, protection levels, defense-in-depth, security control classes
  • Introduction of security for embedded systems
  • Attack models & attack vectors
  • Non-invasive & invasive hardware attacks & protective measures
  • Software attacks & protective measures
  • Security in the development process: automated tests, penetration tests, bug bounty programs, organizational measures
  • Introduction of the EU General Data Protection Regulation
  • Principles of the GDPR
  • EU validity & scope
  • Personal data
  • Lawfulness of processing
  • Duties & Rights
  • Directory of processing activities
  • Risk assessment & impact assessment
  • Order data processing within the EU & in third countries
  • Data breaches & information obligation in the event of data breaches
  • Information obligations & rights of data subjects
  • Deleting data
  • Hazard & risk analysis: HAZOP / PAAG, risk matrix, calibrated risk graph
  • Systematic & random errors
  • Basic concepts: Safety Instrumented Function (SIF), Safety Instrumented System (SIS), Safety Integrity Level (SIL), Probability of Failure on Demand (PFD), Probability of Failure per Hour (PFH), Proportion of Safe Errors (SFF), redundancy
  • Methods of error control: Hardware Failure Tolerance (HFT), Fail-Safe-Design, diagnostic coverage
  • Operational reliability

Have a look at some content examples from our offering:

Industrial Security Basics | DE/EN | 6 Chapters | approx. 2 h

Industrial Security Basics introduces the topic of industrial security. You will learn why there is such a great need for action in the field of industrial security and about the cornerstones of implementation. You will also get an overview of methods and technologies to make IT secure in the industrial sector. In this course, you will get insight from experts at Siemens, Fraunhofer, Rhebo and the VDMA.

To Course

Social Engineering | DE | 3 Chapters | approx. 1.5 h

Social Engineering provides an introduction to social engineering with a focus on how social engineering attacks work and which protective measures can be taken by companies and their employees to prevent such scenarios. This course is particularly suitable for awareness training of employees. This course was created in cooperation with experts from Goethe University Frankfurt.

To Course


Free Checklist

Almost every day, well-known companies find themselves in the headlines because they have been the victim of a cyberattack. For a long time now, security training and the development of measures have no longer been about the question of whether one will be affected, but when and to what extent. However, this does not mean that manufacturing companies should just sit and wait until the time comes. In this paper, we have listed what companies can do in advance to delay attacks and be as resilient as possible to attacks.

Sign up now to learn what you can do ALREADY to prepare best for a possible ransomware attack.

After you filled out the form, you will receive an email from us with the free white paper. Please check your spam folder in case your message got stuck there. Please

Schedule an appointment now

Would you like to learn more about our approach?

Have a conversation with one of our experts
about how we as your partner could support you.

By entering your email address, you will accept our privacy policy and receive a confirmation email. Through this email, you have the chance to subscribe to our regular updates. Without your permission, you will not receive our newsletter.

Jetzt Termin vereinbaren

Sie möchten mehr über unseren Ansatz erfahren?

Sprechen Sie mit einen unserer Expert*innen,
wie wir Sie als Partner am besten unterstützen dürfen.

Wenn Sie Ihre E-Mail-Adresse eingeben, akzeptieren Sie unsere Datenschutzbestimmungen und erhalten eine Bestätigungs-E-Mail. Mit dieser E-Mail haben Sie die Möglichkeit, unsere regelmäßigen Updates zu abonnieren. Ohne Ihre Zustimmung werden Sie unseren Newsletter nicht erhalten.