top of page
Image by Shekh Kayes

Mike's Top 10 ICS/OT Cybersecurity Books in 2025

In no particular order!

(Although Mike does say everyone needs to start with Andy Greenberg's Sandworm.)

Some links in this post are affiliate links. If you purchase through them, Mike may earn a small commission — at no extra cost to you. Mike only recommends books he personally reads and trusts.

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers

By Andy Greenberg

An incredible introduction to the world of ICS/OT cyber security.

Check it out >
Coming Soon.png

Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions

By Clint Bodungen, Stephen Hilt, Aaron Shbeeb, Bryan Singer & Kyle Wilhoit

Who doesn't love to learn about how to break into ICS/OT networks?

Check it out >
Coming Soon.png

Practical Industrial Cyber Security: ICS, Industry 4.0 & IIoT

By Charles J. Brooks & Philip A. Craig, Jr.

A study guide for the GICSP exam.

Check it out >
Coming Soon.png

Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems

By Eric D. Knapp

The long awaited third addition of Eric's book was released in late 2024.

Check it out >
Coming Soon.png

Industrial Cybersecurity

By Pascal Ackerman

There are several "editions," but each is really a completely different book. Each is a monster in their own right, and all are references you want to have on hand if you're on-site and have no Internet access for research.

Check it out >
Coming Soon.png

Engineering-Grade OT Security: A Manager's Guide

By Andrew Ginter

Be sure to check out his other two books as well.

Check it out >
Coming Soon.png

Industrial Cybersecurity: Case Studies and Best Practices

By Steve Mustard

Real world examples and case studies can often be the best way to learn.

Check it out >
Coming Soon.png

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE)

By Andrew Bochman & Sarah Freeman

Bringing engineering knowledge to protecting critical infrastructure.

Check it out >
Coming Soon.png

Implementing IEC 62443 - A Pragmatic Approach to Cybersecurity

By Michael D. Medoff & Patrick C. O'Brien

Taking a practical approach to 62443.

Check it out >
Coming Soon.png

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapons

By Kim Zetter

For many of us, Stuxnet is where it all begins. And here's the story.

Check it out >
Coming Soon.png
bottom of page