This document summarizes a presentation on SCADA cyber security attacks and mitigation strategies. It discusses several real-world examples of attacks between 2000-2016 that impacted industrial control systems and critical infrastructure, including incidents involving gas pipelines in Russia, sewage plants in Australia, power grids in the US and Ukraine. The presentation recommends approaches for SCADA security including security-by-design, network segmentation, regular audits and penetration testing, and establishing security programs and policies. It also notes the need for ongoing commercial and funded research on SCADA security issues.