Protecting programmable logic controllers (PLC) and programmable automation controllers (PAC) from security threats should begin even before an attack is detected.