Full Report
Kaspersky Lab ICS CERT and Fraunhofer IOSB are working together to address industrial cybersecurity and awareness challenges.
Analysis Summary
# Industry News: Kaspersky and Fraunhofer IOSB Launch Advanced ICS Training Partnership
## Summary
Kaspersky Lab ICS CERT and the Fraunhofer Institute of Optronics, System Technologies and Image Exploitation (IOSB) have announced a strategic education initiative to bridge the industrial cybersecurity skills gap. The partnership introduces the "Advanced Industrial Cybersecurity in Practice" course, designed to provide IT and OT professionals with hands-on defense and incident response training for critical infrastructure environments.
## Key Details
- **Date:** April 20, 2018
- **Companies Involved:** Kaspersky Lab (ICS CERT) and Fraunhofer IOSB
- **Category:** Partnership | Education & Training
## The Story
Recognizing a significant shortage of specialized security talent in the Operational Technology (OT) and Industrial Control Systems (ICS) sectors, Kaspersky Lab's ICS CERT has teamed up with Fraunhofer IOSB, a leader in applied research.
The collaboration focuses on a two-day "Advanced Industrial Cybersecurity in Practice" curriculum. Unlike theoretical seminars, this course utilizes interactive modules, gaming simulations, and hands-on hacking demonstrations to illustrate the vulnerability of industrial networks. The program aims specifically to solve the "IT/OT divide"—the cultural and technical gap between traditional IT security teams and the engineers who manage physical industrial processes.
## Business Impact
### For the Companies Involved
- **Kaspersky Lab:** Enhances its reputation as a thought leader in the ICS space beyond just software sales, positioning itself as a critical service and education provider.
- **Fraunhofer IOSB:** Leverages Kaspersky’s real-world threat intelligence to ensure their academic and research-based training remains grounded in current attacker methodologies.
### For Competitors
- **Training Providers:** Competitors in the industrial training space (such as SANS Institute or Claroty) face a new high-credibility combined offering from a major security vendor and a prestigious European research institute.
- **Consultancies:** Puts pressure on pure-play consultancies to offer similar "bridge" training to keep clients from looking toward vendor-led education.
### For Customers
- **Skill Development:** Provides a standardized pathway for industrial enterprises to upskill existing staff rather than trying to recruit from a non-existent talent pool.
- **Risk Mitigation:** Organizations can reduce the risk of downtime or sabotage by training staff to recognize anomalies in OT traffic that traditional IT tools might miss.
### For the Market
- **Standardization of Knowledge:** Signals a maturation of the ICS security market, moving from "awareness" toward "hands-on practitioner" competence.
- **Convergence Trend:** Reinforces the ongoing trend of IT and OT convergence, emphasizing that security is now a shared responsibility.
## Technical Implications
The training focuses on several high-value technical competencies:
- **Protocol Analysis:** Training engineers to monitor and recognize specialized industrial protocols.
- **Defense-in-Depth:** Practical configuration of industrial-grade firewalls and Intrusion Detection Systems (IDS).
- **Incident Handling:** Moving beyond detection to initiating appropriate physical and digital responses in a production environment.
## Strategic Analysis
- **Market Positioning:** Both entities are positioning themselves as the "bridge" between the factory floor and the server room.
- **Competitive Advantage:** The combination of Kaspersky’s global threat telemetry (via ICS CERT) and Fraunhofer’s pedagogical and engineering prestige creates a high barrier to entry for other training programs.
- **Challenges:** Geopolitical tensions surrounding Kaspersky Lab during this period (2018) may affect adoption in certain government-sensitive sectors in the West, despite the technical quality of the partnership.
## Industry Reactions
- **Analyst Opinions:** Analysts generally view such partnerships as necessary, as "human error" and "lack of visibility" remain the top risks cited in ICS security reports.
- **Market Response:** Growing demand for "hands-on" rather than "classroom-style" learning reflects the urgent need for applied skills in the energy, manufacturing, and utility sectors.
## Future Outlook
- **Predictions:** Expect more customized, "in-house" versions of this training as large manufacturers seek to train entire departments at once.
- **What to watch for:** Potential expansion of this curriculum into virtualized "Digital Twin" training environments or specialized certifications for specific sectors like Power Grid or Automotive.
## For Security Professionals
For the practitioner, this represents a shift in the labor market:
- **IT Pros:** Need to learn the physical safety implications of security patches (availability > confidentiality).
- **OT Pros:** Must gain a baseline in networking and "attack thinking" to protect the physical assets they manage.
- **Career Growth:** Obtaining certifications from high-prestige partnerships like Kaspersky-Fraunhofer is becoming a key differentiator for senior security roles in industrial sectors.