OT Security Standards Wars

Kenneth Crowther

S4x24 - ICS Security Conference · Day 2 · Stage 2

In this thought-provoking S4 talk, Kenneth Crowther, Product Security Leader at Xylem, challenges the efficacy of current **Operational Technology (OT) cybersecurity standards**, arguing that they are not adequately securing critical infrastructure. Crowther introduces the concept of "standards wars," a phenomenon driven by fundamental market forces and the operational models of standards organizations. He posits that the relentless pursuit of "minimum viable consensus" within these bodies leads to a proliferation of fragmented, "stove-piped" standards. This fragmentation, far from enhancing security, creates immense complexity, escalates compliance costs, and ultimately leaves OT systems vulnerable.

AI review

Crowther’s talk brilliantly dissects the underlying economic and operational forces driving the chaotic "standards wars" in OT cybersecurity. He provides a novel, systemic analysis of how information value chains and the pursuit of "minimum viable consensus" by standards bodies lead to fragmented, stove-piped guidelines that ultimately fail to secure critical infrastructure. His compelling analogy to the chemical industry's successful harmonization efforts with GHS offers a clear path forward, making this a crucial and actionable critique for anyone serious about OT security.
