I've been in the security community for quite some time (15+ years in fact). And while that's not world record, I have heard more than my fair share of security horror stories. Everything from crashing entire server farms to wiping out email for large organizations, and those are just my own horror stories. I knew there was a gap between security and the ICS world, but it goes deeper than that. Devices, systems and software we label "control systems" have a lot of responsibility. They run the electrical grid, water supplies, and oil supplies of the world. And while strides have been made to improve ICS security, we still have a ways to go. Conferences such as this one, well attended by those responsible for security in ICS/SCADA environments, itself is comforting.