Really? How hard is it to complete isolate your production subnet from your business subnet?
I guess they will be thinking about this now....
With millions of lines of code written over decades by tens of thousands of code monkeys and wires and wireless going everywhere, who's really in charge of anything?
Being in the manufacturing business myself...
Many motion control systems now are controlled and monitored by ethernet to the engineering computers. I guarantee there was no super secret break in but some fool on his computer opening an infected email via some low level drone in the office. Even if the email network is 100% isolated some of those new back doors are nasty buggers that will install themselves on USB sticks.
When I was an employee at a large manufacturing shop an infected PLM computer system that was traced directly to the company accountant who had come in early to watch and download porn.