Security
I do have to wonder if any of the upper management in some of these companies have heard of security, or is it just a meaningless word to them.
Any one that runs the office and industrial process control on the same network should be taken out the back and put out of their misery.
On the two systems we manage the only point of contact between the front office and the manufacturing section is a networked laser printer that sits in the office and gets input from manufacturing and prints our daily production figures. It is locked to the manufacturing network by mac address as well as being on a different subnet to the office. In one company some idiot thought he could get direct access to manufacturing by using the printer network cable. All he got was fired - we had thought of that and set access alarms.
The big question is, why if small companies can do this type of security why can't large ones? It is not difficult but it does require thought which seems to be sadly lacking in senior management today.