ICS-reliant organizations need to develop an ICS-focused security program. It requires a unique blend of skills and experience (combining IT, security, engineering, and operations job roles) to effectively develop security approaches to meet growing challenges presented by greater connectivity and ever sophisticated and targeted attacks. SANS Securing the Human for Engineers focuses on security behaviors for individuals who interact with, operate, or support Industrial Control Systems. This program was developed to not only assist your organization in meeting compliance requirements through continued training and standard reporting, but also change human behavior and reduce risk.
"During the past year, several Fortune 100 companies saw advanced, persistent attacks on their infrastructures. While these companies invest millions of dollars in protections, they don't necessarily have the personnel to defend against that level of threat."
Tim McKnight, the Chief Information Security Officer at Northrup
Grumman Corporation (McKnight, 2011)