The use of cyber warfare as a prelude or substitute for conventional attacks has gone from conjecture to reality. The obvious targets of such assaults are a nation's defence establishment, critical infrastructure, and production capabilities. Contrary to popular opinion, there are effective, structured defences against such aggression, if they are conscientiously and properly implemented and maintained. This text merges the fundamentals of information system security and the unique requirements of industrial automation and control systems and presents a clear and implementable formula to defend crucial elements, such as refineries, chemical plants, manufacturing operations, power plants and pipelines. This work develops a novel protection approach based on the merging of the best relevant and proven government and industry standards, resulting in a practical instrument that can be straightforwardly applied to secure our valuable resources.