Siemens not only gets how important industrial control security is, it also understands that companies are having a tough time putting it in place. The challenge seems to be getting the industrial control experts within a company to sit down and play nice with IT. Both have an important stake in the implementation of security -- they just come at it from very different points of view.
Enter Siemens and its Managed Security Service. Beginning with an assessment of what is, they make recommendations and implement them, and then they stick around, since this is a dynamic challenge -- and threats continue to grow.
Siemens is rolling out its services in the US, and then it will open up Europe and Asia. The company is using its expertise in both automation and industrial cyber-security to build programs that sufficiently target the needs of industrial security.
Industrial environments are very different from the needs of enterprise security. The risk of interrupted production, downtime, IP theft, or sabotage as a result of security breaches is just too expensive -- and sometimes dangerous to allow.
I'm actually surprised that it took so long, given the constant headlines on security breaches and the number and severity of attacks. I have no doubt that eventually industrial organizations will be able to handle their own security, but I don't see it taking place any time soon. The Siemens offering is a good and timely alternative.
Also see a whitepaper offered by Siemens on the subject: "Security concept for the protection of industrial plants."