The Department of Homeland Security’s Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT) has reported that critical infrastructure systems in the U.S. experienced a 20% increase in cybersecurity incidents in 2015. ICS-CERT responded to 295 incidents involving critical infrastructure in 2015.

The good news is that the industry that is the most targeted—Energy—had a 42 percent decline in attempts to infiltrate. The bad news—the critical manufacturing sector experienced an increase in cyber-attacks, particularly through spear-phishing campaigns. This illustrates the importance of employee training on spear-phishing and other social engineering schemes.