[perrylaj]

I think you are right about the use case being almost ideal for manufacturing, but I have a feeling the general best practice will remain to keep control systems air-gapped. It's the norm for many organizations (as policy, unfortunately not always as implementation), and is the recommendation of ICS-CERT, but there are still way too many jumping onto internet connected controls due to cost savings, convenience or whatever else. Often times the business arm wants data from control systems and are either too cheap or just can't be bothered to implement things like data-diodes and other one-way access that can provide feedback without exposing controls.

The increasing vulnerability isn't so much from networked automation -- PLCs have been networked for decades. The danger lies in dangerous jumping onto the the IIoT ("Industrial Internet of Things") and exposing of SCADA systems to the Internet, or thinking things like VPNs are secure. We are also seeing in a much higher focus of state-actors in controls. Industrial hacking is seeing a big shift away from espionage and IP theft to gaining access/control of processes. It's scary how many PLCs are the number that are freely exposed to the internet and browsable through sites like shodan. Even scarier is the number of infrastructure-critical control systems have already been found to be compromised and phoning home just waiting for a command by some unknown entity.

edit: clarity