You, sir, are an idiot.
SCADA is a reporting tool. SCADA is for your manager. If your managers want access, you provide them with access. Because if you're not a fucking incompetent idiot, you can make a secure system that will let management see factory data in real time.
But you're an idiot who just forwards the SCADA web access port to the internet with no password.
The problem with industrial automation "vulnerabilities" is not SCADA, it's not software, it's not anything you're thinking of. The problem with it is that these programs are designed for MECHANICAL ENGINEERS. They're designed for the really clever people that come up with those amazing designs. Who happen to be a fucking LOT better than most slashdotters at it. They're not "geeks", they're not sitting down at a computer all day. They don't understand (and don't have to) how the internet works.
I know this because I've been on both sides. I currently do some automation jobs (programming PLCs) and I don't know SHIT about mechanics (I didn't know that 3-phase motors could be wired differently to work at different voltages, but that's something you learn in first year in TECHNICAL HIGH SCHOOL). But I can program a PLC, and connect the SCADA to the internet SAFELY.
It's not about being a smug idiot, thinking everyone else is stupid, and management is wrong. That attitude won't get you far in life. It's about convincing management that there are different skill sets involved and it's dangerous to do what they are doing. And offer a solution.