"Mostly, they are just trying to implement a similar level of cybersecurity in their industrial environment that they may already have in their IT environment."
To get the private sector to spend more, Coleman suggested the government give security clearance to CSOs and CISOs, so they can examine the cyberattack intelligence to determine the risk it poses to their companies.
"Because they're not cleared, they do not understand the threat," he said.
Utilities and manufacturers are hesitant because of the enormous expense of replacing or upgrading security technology built into their infrastructure, Eric Cosman, co-chair of the Chemical Sector Cybersecurity Program at the International Society of Automation, said.
"If the IT and the physical components are highly integrated then it may not be possible to replace one without the other," Cosman said.
Industries are still working on finding a way to separate security systems, so they can be updated "without requiring total system replacement," he said.
In Gilsinn's opinion, the term cyberwarfare is more useful to the Defense Department and other organizations hoping to convince Congress to send more money their way.
"Cybersecurity is definitely sexy at the moment, and government agencies and (defense) contractors are all trying to figure out how to get as much of the budget pot as they can," Gilsinn said.
Sign up for Computerworld eNewsletters.