The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15%
per year in each of the last four years, but that this year’s growth has slowed to around 7%. Over the same timeperiod, the number of attacks against applications has decreased or stayed flat each year. At the start of the
measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago,
the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would
seem to suggest which of the following strategies should be employed?

A.
Spending on SCADA protections should stay steady; application control spending should increase
substantially and spending on PC boot loader controls should increase substantially.

B.
Spending on SCADA security controls should stay steady; application control spending should decrease
slightly and spending on PC boot loader protections should increase substantially.

C.
Spending all controls should increase by 15% to start; spending on application controls should be
suspended, and PC boot loader protection research should increase by 100%.

D.
Spending on SCADA security controls should increase by 15%; application control spending should
increase slightly, and spending on PC boot loader protections should remain steady.