Gone are the days of “security by obscurity” when critical systems were segregated and physical security was tightly controlled. Today, critical infrastructure systems are interconnected with IT systems and accessed by various staff, partners and vendors. This interconnectivity can result in security threats spreading into critical infrastructure systems virtually undetected, making them vulnerable to saboteurs and cyber criminals.