Do all your patches!
I've heard this time and again. Install all your updates, and that includes patches that are issued by software providers. If that had been done, the result would not have been this article, Revealed: Details of First Disruptive Power Grid Attack.
Perhaps NERC should take the step of not protecting the identity of the power provider. A bit of public humiliation and a drop in stock price — in addition to the fine — might make them more diligent.
Steve Myers shared the link above.