Description
3 days
€ 3.070,- zzgl. VAT
(incl. certification exam)
8 persons
No prior knowledge is required. The certificate of completion, upon successful participation in the certification exam COSP personal certification of TÜV Austria Akademie
What you can expect from the
ICS.205 Certified OT Security Practitioner (COSP)
Persons certification available
After completing the 2.5-day OT security training course focusing on the key areas, participants can take a persons certification exam administered by TÜV AUSTRIA Academy – ideal for industry professionals who want to gain proof of their security expertise.
Practical learning
All training courses that offer persons certification include a significant practical component, featuring hands-on labs, realistic simulations, and a personalized exercise handbook to promote effective, practical learning.
Always at the cutting edge
Our training courses are revised at least once a year – current findings, new threat scenarios, and real incidents are continuously incorporated into the content.
What you will learn during this training course
Day 1
Introduction to Operational Technology (OT)
- IT security objectives
- Evolution of OT
- OT components and terminology
- OT incidents
IT essentials
- Network protocols
- Crypto refresher
- Network security basics
- Secure network protocols
Day 2
IT vs. OT security
- Safety vs. security
- Characteristics of OT systems vs. IT systems
Security threats and attack vectors
- OT attacker
- OT attack vectors
- OT risk factors and threats
OT standards overview
- NIS Directive
- IEC 62443
- ISO 27000 & ISO 27019
- NIST 800-82 and CSF
- and many more
Day 3
Proven security measures for OT
- Defense in depth
- Organizational security measures
- Security assessments and reviews
- Configuration management
- Network and communication security
- Component security
- Identity and access management
After the training, the participants have
- confidence when handling OT security.
- a common understanding of OT technologies and terminology.
- a good understanding of OT security standards and their areas of application.
- Knowledge of the most important security measures for OT.
- the ability to make the right contribution to the protection of industrial operations in their area of responsibility.
What others say
Training highlights of the
ICS.205 “Certified OT Security Practitioner (COSP)”
In the “ICS.205 Certified OT Security Practitioner (COSP)” training course, you can expect a highlight: you will receive your own “Exercise Handbook”, which will lead you into the exciting world of practical application.
In our own training environment, you can carry out various hands-on exercises together or on your own – a fantastic opportunity to gain valuable experience and acquire new skills yourself!
Participants can expect a wide variety of task formats – from hands-on labs to tabletop simulations:
- Firewall and ACL configuration – network protection through targeted rule setting
- Password cracking – recognizing vulnerabilities and understanding secure passwords
- Shodan & Google Hacking – digital tracking in the Internet of Things
- Create OT attack trees – analyze attack paths and develop countermeasures
- Designing secure network architectures – identifying and securing vulnerabilities
These exercises not only promote technical know-how, but also strategic thinking and teamwork – ideal for anyone who wants to understand and apply OT security in industrial networks.
Get your TÜV® persons certificate now!
Our OT security training courses not only provide knowledge, but also official proof of your competence.
Get to know our
trainers
Kerstin Reisinger
is an Offensive Security Certified Professional and trainer for Industrial Security. As a long-standing, experienced project manager in complex OT security projects, she supports industrial companies and energy suppliers with a great deal of technical knowledge. She likes to incorporate this experience into her classes as war stories.
Lucas Brandstätter
supports companies in the introduction of management systems with his vast knowledge in the ISMS (ISO 27000) and OSMS (IEC 62443) area. In risk analyses and penetration tests, he checks systems for untapped potential for improvement. In training courses he emphasizes interactive feedback from participants.
Thomas Brandstetter
is our „broad-spectrum antibiotic“ against security ignorance. As a Stuxnet Incident Handler and former head of Siemens ProductCERT, he knows industrial security from all life-cycle phases. He is Professor of IT and OT Security at the University of Applied Sciences St. Pölten and is certified for CISSP, GSEC, GICSP and GRID.
Peter Eder-Neuhauser
shows the importance of integrated risk management, incident handling, coordinated IT governance, threat and gap analyses, privacy impact assessments and awareness through his research focus on malware propagation in IT/OT networks, specific mitigation measures and secure architecture.
Bettina Wächter
always has a clear overview and an eye for important details. With her knowledge of ISO 27000, IEC 62443 and NIS-2 as well as her experience in working with processes, she creates the organizational framework for the introduction of management systems. She values sustainable knowledge transfer.
David Schauer
has an in-depth understanding of security from a technical and organizational perspective. In his projects, he uses this knowledge to build a bridge between technical requirements and management strategies. He shares his experience with the participants so that they can navigate securely in both security worlds.
Peter Panholzer
is veteran of the first hour for industrial security and secure software development. He is a certified ISO 27001 auditor, member of the OVE working group on IEC 62443, hacker and for over ten years trainer for secure coding. He loves to give the participants tricky tasks and to assist them with the right security tips.
Sixtus Leonhardsberger
is an OT Security Specialist with a focus on penetration testing of OT environments and embedded devices/IoT devices. In addition to his passion for technical OT security topics, he also shares his experience from consulting projects on securing networks and architectures with the training participants.
Florian Gerstmayer
worked for several years as a project manager and embedded software developer, where he designed and implemented secure products. Thus, he knows from personal experience which topics need to be addressed in the management of systems, as well as implemented as a developer in a holistic concept, and is happy to pass this on to others.
Nino Fürthauer
supports customers as a penetration tester to better secure web applications, infrastructure and systems against attacks. As pro duct owner for the certification trainings offered by Limes Security in cooperation with TÜV Austria, he places special emphasis on every little detail.
