Going back then to a previous question, do we want more/any regulation ?
Yes. All vulnerable industries should have their use of network communications regulated. This means all power stations, electricity line operators, dam gate operators, etc. They should all be required to meet a standard of practice for secure network communications, air gap between SCADA networks and all other networks, and annual network inspections to ensure compliance. If any organization operates an infrastructure which could be vulnerable to cyberattack that would damage the country in which they operate, that organization needs to be regulated to ensure that their networks cannot be exploited for cyberattack purposes. That is the correct and measured response which does not involve the military except possibly in a security advisory role, and which is within the powers of governments. I would expect that the increased awareness of network security that resulted would pay dividends in business and home use of networks. --Michael Dillon