Cybersecurity policies require that cyber incidents be identified as such. Cyber incident response plans are then initiated after incidents are identified as being cyber-related. To meet those goals, training is required to be able to identify control system incidents as being cyber-related, and a mechanism is required to disseminate this information on control system cyber incidents throughout the organization as well as to relevant outside entities. Control system cyber incidents affect physics, and therefore there are often physical reactions. That is, trains crash, planes crash, lights go out, water supply is compromised, pipelines burst, robots “misbehave”, etc. You can’t hide the impacts, but people often can’t (or won’t) identify the incidents as being cyber-related. US government reports from NTSB, NRC, DOE, EPA, TSA, FDA, etc. have not identified many control system incidents as being cyber-related, nor have many international government organizations. Neither have industry organizations such as NERC. Government and industry cyber information sharing programs are about vulnerabilities, not consequences. A concern about control system cyber incident disclosure was identified after 9/11 - connecting the dots. This is made more difficult by the silos between sectors and by federal law enforcement withholding information that a cyber incident has occurred until an indictment is issued, which can be a year or more.
Why do cybersecurity organizations refuse to identify control system cyber incidents?