ABSTRACT
We are taking a chance by addressing highly technical topic-the security of industrial automation and process control, also known as ICS security-from both technical and management perspectives, and at times from a more philosophical perspective. e reason for this approach is that a substantial amount of ad hoc and anecdotal technical material and analysis already exist, and this material would bene¤t from a broader treatment that includes business-level topics such as business case development and compliance and, ultimately, more eective enterprise risk management.
