There have been numerous discussions as to what constitute cyber threats to industrial control systems (ICSs). They can be broken out in a number of different ways, which include the following:
Insider intentional threats
Internal unintentional threats
External nontargeted threats
The first item to consider is what is an “insider”? The traditional information technology (IT) definition is someone who works for the organization. For the ICS community, I define an insider as anyone who has knowledge of the systems and has been given access, even if this access should have been rescinded. This includes inside employees, equipment vendors, system integrators, and external ...