A Cisco blog post explores the stages used in an attack against a utility, which the author notes can take many months to execute. These stages include gaining a point of entry, conducting reconnaissance, and executing lateral movement and exfiltration which, according to the blog post, can enable attackers to gain access to ICS and SCADA files and workstations. The blog post lists a series of measures for mitigating against these security risks, which include employing two-factor authentication, effectively managing all assets, and limiting access to applications to only trusted users. Cisco.