Our societal infrastructure is transforming into a connected cyber-physical system of systems, providing numerous opportunities and new capabilities, yet also posing new and reinforced risks that require explicit consideration. This chapter addresses risks specifically related to cyber-security. One contributing factor, often neglected, is the level of security education of the users. Another factor, often overlooked, concerns security-awareness of the engineers developing cyber-physical systems. Authors present results of interviews with developers and surveys showing that increase in security-awareness and understanding of security risks, evaluated as low, are the first steps to mitigate the risks. Authors also conducted practical evaluation investigating system connectivity and vulnerabilities in complex multi-step attack scenarios. This chapter advocates that security awareness of users and developers is the foundation to deployment of interconnected system of systems, and provides recommendations for steps forward highlighting the roles of people, organizations and authorities.