Kaspersky Industrial CyberSecurity
Protect Industrial Automation and Control Systems with an ecosystem of specialized, certified and natively integrated products and comprehensive set of services

See the hidden spots

We show hidden threats, anomalies, vulnerabilities and violations long before it became dangerous

Minimize the risk

We help to enforce policies, assign controls and stop threats without compromising the process

Centralize the expertise

We help to quickly respond incidents, easily replicate successful deployments and manage the complex distributed infrastructure

Solution Architecture

Kaspersky Industrial CyberSecurity for Networks

OT Network Traffic Analysis, Detection and Response. Clear risk visibility with passive traffic monitoring, active polling and endpoint sensors.

Detects anomalies and intrusions inside ICS networks in their early stages and ensures the necessary actions are taken to prevent any negative impact on industrial processes.

Kaspersky Industrial CyberSecurity for Nodes

Industrial-grade, tested and certified Endpoint Protection, Detection and Response. A low-impact, compatible and stable solution for Linux, Windows and standalone systems.

KICS for Nodes Portable Scanner

Enforces a cybersecurity policy on standalone machinery, automation systems or equipment on which security software cannot be installed. Ultimate situational awareness and OT-visibility even from a standalone infrastructure.

Installation-free solution

KICS for Nodes can be activated on a number of additional Portable Scanner flash drives. This helps to perform simultaneous on-demand scans on multiple machines during maintenance windows, to collect endpoint data and organize it into a convenient summary report.

Regulatory and internal policy compliance

KICS for Nodes Portable Scanner conducts anti-malware compliance checks of equipment accessing an OT site, including computers of third-party contractors. It has a very low operational footprint and does not interfere with existing security solutions.

Kaspersky Single Management Platform

The Single Management Platform is a centralized security management solution for security orchestration of the entire OT infrastructure, with a map of all geographically distributed assets enriched with events, incident analytics and more. It boosts the efficiency of mixed OT and IT security teams. A place where all your security controls work in harmony, enabling a rapid and precise response.

Kaspersky Industrial CyberSecurity Platform

Designed to comprehensively secure the industrial elements of your organization: KICS for Nodes is aimed at industrial endpoints, while KICS for Networks monitors industrial network security. A unique ecosystem of corporate and specialized solutions that are agile and future-proofed, delivering flexibility and additional value.

• KICS for Networks
  Detection of early-stage anomalies and intrusions inside ICS networks and ensures that the necessary actions are taken to prevent any negative impact on industrial processes. Appliance-agnostic solution that allows the customer to choose the industrial computing appliance vendor they trust the most. The KICS for Networks interface displays a live dashboard and a network map, for working with assets and security events.
• KICS for Nodes
  Specially designed to consume minimal resources. Its modular architecture means you only have to install the protective components you need. You can configure these components to threat prevention mode or detection-only mode. This approach is ideal for legacy, low-performance machines that require the maximum available computing power.
• Single Management Platform
  A centralized security management solution for security orchestration of the entire IT and OT infrastructure, with a map of all geographically distributed assets enriched with events, incident analytics and more.

Expert Services and Intelligence

Expert industrial cybersecurity services help to strengthen your cybersecurity ecosystem with assessments, penetration testing, incident response and forensics tools.

• Kaspersky Industrial Cybersecurity Assessment
  For organizations concerned about the potential operational impact of IT/OT security, Kaspersky provides a minimally invasive pre-installation cybersecurity assessment. It’s a crucial first step in establishing security requirements within the context of operational needs, and also provides significant insights into cybersecurity levels without any further deployment of protection technologies.
• Kaspersky Incident Response
  In the event of a cybersecurity incident, our experts will conduct an independent analysis of the incident’s evidence, reconstruct the timeline, determine possible sources and reasons and develop a plan to provide remediation and minimize damage. Kaspersky also offers a malware analysis service during which we categorize the malware sample received from the customer, analyze its functions and behavior, and develop recommendations and a plan to remove the malware and roll back any malicious actions.
• Kaspersky Threat Intelligence
  Kaspersky Threat Intelligence enables global threat visibility, timely detection of cyberthreats, prioritization of security alerts and an effective response to information security incidents to enhance your protection against targeted industrial cyberattacks, with region-specific, industry-specific and ICS software analytics.

Industrial Cybersecurity Training and Awareness

Kaspersky offers short, intensive training courses for everyday users of computer-based systems as well as IT/OT security experts, ICS operators and engineers. All courses are conducted face-to-face by our in-house experts, unless otherwise specified.

• Basic Cybersafety
  For all employees who interact with computerized systems on the industrial floor. Human error, resulting from a simple lack of cybersecurity knowledge and awareness, is the leading cause of cyber-incidents. Basic cybersafety training and awareness changes attitudes and behavior, promoting a corporate culture where good cyber-hygiene practices are integral and instinctive. Employees don’t always recognize their personal responsibility for the safety of their working environment. Here, participants learn the importance of their own role in protecting against threats specific to their industrial environment, and how to work safely and responsibly. A one-day intensive course, with certification.
• Industrial Cybersecurity Games
  Middle management, in Finance or Procurement, for example, may not be fully aware of their roles as stakeholders in corporate cybersecurity. Kaspersky Industrial Protection Simulation (KIPS) is a gripping online game which simulates real-world cyberattacks on industrial automation systems, demonstrating the main issues associated with providing industrial cybersecurity. As participants react and interact, they discover how their behavior impacts the issues involved, and they develop the skills needed to resolve them. Different versions of the game cover different industries –water treatment, for example, or power generation and transmission. The game can be played face-to-face, with an expert Game Master on hand, or fully online.
• Industrial Cybersecurity in Practice
  Specifically designed for those who work with industrial control systems and equipment, and for those directly responsible for IT/OT Security. Led by experts in the field, participants will gain new insights into the current threat landscape and the attack vectors specifically targeting their industrial environment, as practical scenarios are outlined and explored. By the end of the course, participants will be armed with all the skills they need to draw up their own incident response plan, and they’ll have a basic understanding of malware analysis and digital forensics. This course includes highly customized elements, and can be run over one or two days.
• ICS Digital Forensics for Professionals
  This course is suitable for IT/OT Security Professionals already working with industrial systems and looking to develop their digital forensics skills, as well as for those with experience in digital forensics in IT environments who are looking to move into ICS. ICS presents many specific challenges when it comes to digital forensics. Tools and technologies developed for IT environments are often unsuitable or even unusable, so evidence collection, for example, becomes a manual process. Special attention must be given to rapidly regaining control and returning the system or devices to a safe state. Working with our Digital Forensics specialists, participants explore the unique aspects of ICS digital forensics, from identifying a genuine incident to data collection, examination, analysis and reporting in industrial environments, developing the hands-on skills and approaches required to become an expert investigator of ICS incidents and their implications.
• Capture the Flag in ICS
  Сapture the flag (CTF) contest is a competition for cybersecurity experts in the form of a game, in which participants solve computer security problems. They must either capture (attack/bring down) or defend computer systems in a CTF environment. CTF in ICS offers a good chance to introduce security specialists to modern attack vectors, kill chains and the advanced tactics and technologies used by different cybersecurity expert teams around the world. CTF also helps to test ICS equipment and system configurations or ICS security products and solutions, which are already used at an enterprise’s facilities or being considered for installation/upgrade.

• AGAT – Control Systems
  • AGAT-2000
• Aveva (Schneider Electric)
  • Wonderware Historian
  • Wonderware InTouch
  • Wonderware System Platform
  • Operation Integration Server
• EKRA
  • EKRASCADA
  • EKRASMS
  • EKRASMS-SP
• EleSy
  • Scada Infinity
• General Electric
  • GE Cimplicity
  • GE Historian
  • GE Machine Edition
• iCONICS
  • AnalytiX
  • GENESIS64
  • Hyper Historian
  • MobileHMI
• Interface NTK
  • OIC Dispatcher NT
• KRUG
  • SCADA KRUG-2000
• Pelco by Schneider Electric
  • VideoXpert Enterprise
  • VideoXpert Professional
• Prosoft-Systems
  • SAS ARIS MC/MD/MT
  • ARIS SCADA
  • Emergency control system
  • Energosphera
  • Redkit SCADA

• RTSoft
  • SMART-KP2
  • SMART-SPRECON
• Tornado Modular Systems
  • DCS Tornado-N
• VNIIR
  • VNIIR-SCADA
• Vibrobit
  • Vibrobit Web.Net.Monitoring
• Inbres
  • Inbres
• Automiq Softech
  • Alpha Platform
• B&R
  • DCS Aprol
• Elara
  • SURA
• EnergopromAvtomatizatciya
  • SCADA NPT Expert
• Hangzhou HollySys Automation
  • HOLLiAS MACS
• InfTech
  • Petroleum accounting, inventory and flow tool
• K-Soft Engineering
  • KSE Platform
• Monitor Electric
  • CK-11
• PLC Technology
  • TOPAZ
• Relematika
  • UniSCADA

• SCAD Tech
  • SCAD CC
• SibCom
  • Cascade
• Schneider Electric
  • Citect SCADA
  • Clear SCADA
  • EcoStruxure Foxboro DCS (Foxboro Evo)
  • EcoStruxure Hybrid DCS
  • EcoStruxure Triconex
  • PACiS
  • Unity Pro
  • EMCS-PACiS (SCADA system EcoSUI) MiCOM C264/C264C Bay Computer Unit
  • MiCOM H35V2 Switch
  • MiCOM P series
  • ConneXium Switch
  • SEPAM Relay Protection
  • Foxboro (Foxboro Evo)
  • EcoStruxure Hybrid
• Common Criteria ISO/IEC 15408
  • Kaspersky Security Center 13
• ARC Informatique
  • PcVue

• AMT GROUP
  • AMT InfoDiode
• Aveva (Schneider Electric)
  • AVEVA Historian
  • AVEVA InTouch
  • AVEVA System Platform
• Mitsubishi Electric (Russia)
  • GOT2000 Panels
  • GT Designer 3
  • GX Works 3
  • FR-A800
  • FR Configurator 2
  • iQ-F controllers
  • iQ-R controllers
  • MAPS
• Waterfall Security Solutions
  • Waterfall for IDS
• ServiceSoft Engineering
  • SCADA «Telemetry Monitor»
• Tornado Modular Systems
  • DCS Tornado-N

• Automiq Softech
  • Alpha Platform (OS ASTRA LINUX)
• EnergopromAvtomatizatciya
  • SCADA NPT Compact
  • SCADA NPT Expert
  • SCADA NPT Expert Plus
• Siemens
  • SPPA-T3000
  • WinCC Open Architecture 3.16
  • WinCC Open Architecture 3.18 (Global)
• Valmet
  • Valmet DNA
• Yokogawa Electric CIS
  • Yokogawa CENTUM VP
  • Yokogawa PRM
  • Yokogawa ProSafe-RS
• PcVue
  • PcVue Solutions
• Emerson
  • DCS DeltaV v.13.3

• Schneider Electric
  • Geo SCADA Expert
  • Machine SCADA Expert
  • EcoStruxure Control Expert (Unity Pro)
  • Modicon
  • TriStation
  • Triconex
  • EcoStruxure System Advisor

• AdAstra
  • Trace Mode
• Aveva (Schneider Electric)
  • AVEVA Historian
  • AVEVA InTouch
  • AVEVA System Platform
• Bosch Rexroth
  • MMS 4.0
  • IndraWorks Engineering
  • IndraControl
  • Embedded Controls XM
• Emerson
  • OpenEnterprise SCADA
  • PLC ControlWave Micro RTU
  • DCS DeltaV v.13.3
  • DCS DeltaV v.14
  • DCS Ovation 3.5.1
  • DCS Ovation 3.6
  • DCS Ovation 3.6
  • DCS Ovation 3.7
  • DCS Ovation 3.8
• Siemens
  • Siemens SIMATIC PCS 7
  • SPPA-T3000
  • WinCC Open Architecture 3.14
  • WinCC Open Architecture 3.15
  • WinCC Open Architecture 3.16
  • WinCC Open Architecture 3.18 (Global)

• Valmet
  • Valmet DNA
• Avtomatizatsiya Proizvodstv
  • SCADA «APDAR»
• Tornado Modular Systems
  • DCS Tornado-N
• SPE «Measuring Technologies»
  • VACS Standart
• Automiq Softech
  • Alpha Platform (ОS ASTRA LINUX)
• Baker Hughes Rus Infra
  • Bently Nevada
• Compressor Controls Corporation
  • TrainTools Comprehensive Release PC Application Suite Series 5 Vanguard Controllers
• Emerson / Metran
  • DCS Ovation 3.6
• Nefteavtomatika
  • NaftaProcess
  • NaftaProcess (Linux)
  • NaftaVision
  • NaftaVision (Linux)
• TSA-Service
  • DCS KVINT-6

• Yokogawa Electric CIS
  • Yokogawa CENTUM VP
  • Yokogawa FAST-TOOLS
  • Yokogawa Exaopc
  • Yokogawa Exaquantum
  • Yokogawa PRM
  • Yokogawa ProSafe-RS
• EnergopromAvtomatizatciya
  • SCADA NPT Compact
  • SCADA NPT Expert
  • SCADA NPT Expert Plus
• ServiceSoft Engineering
  • SCADA «Telemetry Monitor»
• PcVue
  • PcVue Solutions
• Schneider Electric
  • Geo SCADA Expert
  • Machine SCADA Expert
  • EcoStruxure Control Expert (Unity Pro)
  • Modicon
  • TriStation
  • Triconex
  • EcoStruxure System Advisor

Solution Overview

Kaspersky Industrial CyberSecurity is a holistic portfolio of technologies and services designed to secure every industrial layer, including SCADA servers, HMIs, engineering workstations, PLCs, network connections and people – without impacting on operational continuity and consistency of the technological process.

Kaspersky Industrial CyberSecurity for Networks

Kaspersky Lab’s network solution operates at the industrial communication protocol (Modbus, IEC stack, S7comm, etc) layer, analyzing industrial traffic for anomalies via advanced DPI (Deep Packet inspection) technology. Network security monitoring and IDS capabilities are also provided.

Kaspersky Industrial CyberSecurity for Nodes

KICS for Nodes was designed to specifically address threats at operator level in #ICS environments. It secures ICS/SCADA servers, HMIs and engineering workstations from the various types of cyberthreat that can result from human factors, generic malware, targeted attacks or sabotage. KICS for Nodes is compatible with both the software and hardware components of industrial automation systems, such as SCADA, PLC, and DCS.