Normalization of Deviance
Marco Ayala
S4x24 - ICS Security Conference · Day 1 · Stage 3
Marco Ayala's S4x24 talk, "Normalization of Deviance," delves into a critical, often overlooked phenomenon impacting industrial control systems (ICS) and operational technology (OT) environments. The talk explores how organizations, individuals, and groups gradually accept a lower standard of performance or safety, leading to what becomes a "new normal" over time. This insidious process, rooted in human behavior and organizational culture, poses a significant threat to the integrity and security of critical infrastructure as it undergoes digital transformation.
AI review
Marco Ayala's talk on the "Normalization of Deviance" delivers a critically important, albeit uncomfortable, message for the OT security community. While not a technical exploit deep-dive, it serves as a foundational conceptual framework, masterfully illustrating how the slow erosion of safety and security standards, driven by human behavior and organizational culture, creates systemic vulnerabilities in critical infrastructure. Ayala's deep industry experience and clear articulation of this insidious process make it a must-understand for anyone serious about defending operational technology.