Network access and security always has been about keeping out what you don't want to get in, but these days it's also about finding and eliminating what got in but shouldn't be there.
So, while passwords, encrypted data, segmented networks, and managed Ethernet switches as firewalls are all essential, they're just the start of what it takes to make industrial networks and control applications secure. In the past few years, some viruses, worms and other malicious software have been modified to circumvent the usual barriers, exploit patching schedules, while others like Stuxnet and similar copycats can conduct man-in-the-middle attacks in which they pose as authorized entities, while rewriting critical software behind the scenes.