In this paper, ways will be presented to develop more effective policies that will improve the safety, security, availability and resilience of the critical technologies that play a key role in supporting modern economic activity, national security, and the well-being of society.

For the purpose of this paper a control system used in an industrial or manufacturing environment will be defined as:

• Mostly computer-based, used by infrastructures and industries to monitor and control sensitive processes and physical functions;
• Systems that collect sensor measurements and operational data from the field, process and display this information, and relay control commands to local or remote equipment;
• Hardware and software closest to the actual physical process such as programmable logic controllers (PLCs), remote terminal units (RTUs), actuators, drives, sensors, transmitters and field devices.

Many of the most dangerous cyberattacks on critical infrastructure presented in this paper are understood to have been perpetrated by states and those they sponsor.