Abstract
The ability to appropriately prepare for, and respond to, information security incidents, is of paramount importance, as it is impossible to prevent all possible incidents from occurring. Current trends show that the power and automation industry is an attractive target for hackers. A main challenge for this industry to overcome is the differences regarding culture and traditions, knowledge and communication, between Information and Communication Technology (ICT) staff and industrial control system staff. Communication is necessary for knowledge transfer, which in turn is necessary to learn from previous incidents in order to improve the incident handling process. This article reports on interviews with representatives from large electricity distribution service operators, and highlights challenges and opportunities for computer security incident handling in the industrial control system space.