First Impressions and Lasting Insights from an S4 Rookie
Jonathon Gordon
Industry Analyst @ Takepoint Research | Senior Analyst - Cyber Security
Link to full review here https://takepoint.co/ind-cyb/first-impressions-and-lasting-insights-from-an-s4-rookie/
I must confess, somewhat sheepishly, that this year marked my inaugural visit to S4. Despite previous intentions to attend, various obstacles, including the challenges posed by COVID-19, have prevented my participation until now. I extend my deepest gratitude to Dale Peterson , the visionary founder and dynamic force behind the S4 community, for orchestrating such a compelling event.
S4 is not a gathering for the faint-hearted. At first glance, it might resemble a blend of an extended family reunion or a gathering reminiscent of the "Friends" TV show cast, with everyone seemingly enjoying the camaraderie, but don't be fooled — this event is an intense and immensely rewarding marathon of work spanning 3-4 days. I anticipate it will take me several weeks to fully digest and understand all the insights and knowledge I've gained from both the formal presentations and the invaluable informal discussions with industry leaders.
This conference stands alone in its ability to gather such a high caliber of practitioners and thought leaders, all generously sharing their expertise with the singular aim of advancing our community and industry. The atmosphere is remarkably open and welcoming; whether you've dedicated 20 years to industrial automation or are newly intrigued by the field, the willingness of participants to offer advice and share knowledge freely is truly exceptional.
Dale suggests that S4 may not cater to everyone, a notion with which I have mixed feelings. Certainly, newcomers might be overwhelmed by the technical intricacies of some sessions, and vendors in search of business opportunities could leave feeling somewhat disillusioned.
In my conversations with several newcomers (asset owners) attending for the first time, many expressed initial reservations about their technical fit for the event. Remarkably, they each discovered aspects within the sessions and discussions that resonated with them, providing a gateway to grasp and navigate through wider subjects. From automation professionals exploring cybersecurity for the first time to IT and cybersecurity experts who had never set foot on a production floor, attendees found ways to connect with the material, likely leaving more informed and confident in charting a path forward for themselves and their organizations.
Dale's opening keynote, emphasizing the significance and impact of belief on success, reflects the essence of this gathering. It's the diversity of professional backgrounds, united by a shared humility and spirit of inclusivity, that characterizes this unique community. While S4 has commendably spotlighted the importance of gender diversity through its Women in ICS initiative, the industry's pursuit of broader diversity remains an ongoing challenge, with much work still ahead.
Danielle J. eloquently highlighted a notable disparity within the industry and broader society: the existence of double standards and inequities, especially in professional expectations and resource distribution among organizations. She emphasized how smaller, resource-limited organizations are frequently left most exposed. This point resonated deeply with me, as it seems the industry, including vendors and System Integrators, primarily targets the top tier of the pyramid, often neglecting the more vulnerable and less financially appealing segments. This oversight not only reflects a significant issue within our industry, aiming to protect and secure but also mirrors broader societal challenges when it comes to “defending civilization”.
In the opening keynote, Dale's emphasized the common belief in OT security that defenders must be perfect to prevent attacks, highlighting how this belief sets an unrealistic standard and contributes to stress and a sense of futility among professionals. He went on to call for a shift in how success is measured in OT security, advocating for metrics and stories that highlight successes rather than focusing solely on failures or the need for perfection.
Dale called on the S4 community to redefine what success means in OT security, moving away from fear, uncertainty, and doubt (FUD) and towards a more balanced and realistic assessment of risks and achievements.
For me, this represents a sign of maturity in an industry that is still navigating its path and identity, a process inherent to its evolution. Some believe that, in the long term, there isn't a distinct OT cybersecurity market.
Teodosio Gutiérrez talked about the challenges of accurately defining the Total Addressable Market (TAM) for OT cybersecurity. As an analyst covering this market, this is a conundrum I know all too well, and it's a question frequently posed to me by both investors and vendors. Ted raised doubts about the market's size being as extensive as some projections suggest, highlighting potential implications for investment strategies and expectations for market expansion.
Others argue that the unique needs and focus of industrial organizations necessitate a distinct OT cybersecurity market. Ultimately, only time will reveal the outcome.
Reflecting on our market coverage over the last 7-8 years, it's evident that this period, though relatively brief, has witnessed a couple of cycles of consolidation and acquisitions. Concurrently, there's been a surge of new startups and service providers entering the scene.
However, there have also been phases where adoption seemed to hit a plateau, especially among early adopters and even as it began reaching the early majority. This was particularly noticeable during times when vendors primarily emphasized visibility, without clearly demonstrating value.
I find myself in strong agreement with Ted's emphasis on the necessity for cybersecurity solutions to be closely aligned with operational needs, encompassing safety, reliability, and profitability. Again, this reflects the ongoing journey and maturation of our industry.
I'll be providing a more detailed summary of the S4 event on takepoint.co soon. However, for the moment, it's important to note that the S4 community is incredibly welcoming to anyone who has a passion for OT cybersecurity. And I wanted to shout out to all the amazing folks I met or caught up with over the past week, simply an amazing bunch of people.
AJ E. Peter Jackson Daniel Trivellato Vincent Turmel, PhD CISSP Teodosio Gutiérrez Patrick C Miller Michael Langer Marco (Marc) Ayala Danielle J. Robin Berthier Peter Lund John Cusimano, CFSE, CISSP, GICSP Saltanat Mashirova Andrew Ginter Del R. Michael Plante Tony Turner Donovan Tindill Brad Wynes Chad Elmendorf Roya Gordon Eric Byres Ron Brash Yair Attar Jacob Marzloff Marty Edwards Kevin Kumpf Derek Harp Mollie Breen Elad Ben Meir Colin Dunn Kat Lewis Clint Bodungen Aaron C. Crow Sean Tufts
Dan Ricci Keep up the amazing work!
?? Ryan Heartfield - great to catch up as always and thanks for the lift.
Mike Holcomb - My S4 buddy, I hope to see you again soon!
Link to full review here https://takepoint.co/ind-cyb/first-impressions-and-lasting-insights-from-an-s4-rookie/
Buisness Development and Product Expert
8 个月After years of Zoom calls it was great meeting you in person!
OT/Cyber Physical Systems Security | Ex-GE | Ex-Fortinet | Edge Computing, IIOT, ICS, Renewables
8 个月Was a pleasure to meet you in person and catch up, Jonathon Gordon
CEO, Founder, Seed Investor.
8 个月Jonathon Gordon it was great seeing you at S4, even if only briefly. I guess we'll meet again in CS4CA?shortly.
OT Cybersecurity Vision and Leadership - CISSP- CISA- 62443 Expert - Clearing the Fog for a Future of Clarity.
8 个月It was brief, but great to meet Jonathon and look forward to future conversations.
Co-Founder & CEO @ SecurityGate | Industrial Risk Management
8 个月Great catching up with you Jonathon Gordon and for the shoutout on the session. We all have hard work to do but I belive the future is undoubtedly bright for this industry.