The pervasive threat environment continues to worsen. Attack tools continue to become more powerful, and today’s targeted ransomware attacks use tools and techniques that were exclusive to nation-states five years ago. Power generation OT/control system networks are intrinsically vulnerable for many reasons, not least because engineering demands measured, deliberate change control for reliability’s sake. This inevitably delays the application of critical software security updates – and neither intrusion detection systems (IDS) nor government intervention can save generating facilities from fast-moving attacks. Both IDS and government, and even private response teams cannot move fast enough to prevent the consequences of compromise