The notorious WannaCry, a ransomware that was not developed and targeting the OT environment but caused many factories and critical infrastructure to shut down, which also made ICS information security issues a major concern for enterprise and factory management. ICS cybersecurity management is different from general IT information security management; In the ICS world;  “Availability” is always the first priority in any consideration.  This agenda is sharing the experience and knowledge of how TXOne helping factories recover after they got the hit by WannaCry and how to keep the “Availability” as the principle by using Micromanagement and Cell Segregation method, and further transform that recovery methods into ICS cybersecurity countermeasures.