Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and criteria when it comes to identifying cyber incidents. The Verizon Data Breach report is typical of reporting organizations that equate cyber incidents to data breaches. Control system cyber incidents include field device communication issues, automation malfunctions, loss-of-view, loss-of-control, and are not confined to confirmed attacks. Some of these incidents have led to injuries and deaths. Network security and engineering organizations need to accept the same cyber incident definition, and both network security and engineering organizations receive appropriate control system cyber incident training. Otherwise, comparing numbers and impacts from network versus control system cyber incidents will continue to be an exercise in comparing apples to oranges.
