The urgent need for action to protect industrial control systems (ICS), i.e. in the field of factory automation and process control, against cyber threats is increasingly recognised by the industry. In this respect, the BSI offers an abundance of information materials, best practices and other resources. However, it is essential, in addition to these offers, that companies train and qualify their employees accordingly. Whereas specific awareness-raising measures are suitable for employees, such as system operators, other target groups must obtain more in depth training. This applies in particular to those employees who are responsible for planning, development, integration or installation, operation and maintenance or are significantly involved in these activities and thus actively shape cyber security in this respect. The management or persons responsible for production should also be qualified to an appropriate extent which goes beyond typical sensitising.

[Deutsche Version]