In 2011, the European Network and Information Security Agency (ENISA) conducted a study in the domain of Industrial Control Systems (ICS). Its objective was to obtain the current view on the ICS protection primarily in Europe but also in the international context. The ‘portrait’ included threats, risks, and challenges in the area of ICS protection as well as national, pan European, and international initiatives on ICS security. The study was performed through desktop research, survey and interviews, and a meeting with all involved stakeholders. This chapter highlights the most relevant parts of the final report of the study. It focuses on the challenges to securing ICS identified during the research, but also presents the context and the methodology of the study. In response to the challenges, the seven recommendations of ENISA for protecting ICS are proposed.