The Importance of Early Engagement in Standards
I’ve been meaning to write a response to the report that came out this summer from the National Security Agency on standards development. With many of my clients taking a break for turkey and pie, I’m finally catching up on some writing. Let’s talk standards!
Standards development isn’t just an abstract exercise for senior engineers or academic theorists. It’s the foundation upon which modern technology is built and evolves, influencing everything from cybersecurity frameworks to consumer electronics. Every time you use the Internet, you’re benefiting from the collective brainpower that built the capabilities to get you there. A recent report from the NSA and CISA, “Recommendations for Increasing U.S. Participation & Leadership in Standards Development“, underscores the importance of standards development and provides a roadmap for bolstering U.S. involvement in shaping the future of critical technologies.
I’ll be honest: I’m not as anxious about U.S. leadership in the standards space, though I agree that the U.S. has, as a nation, lost some of its influence. That said, I think the content of this article applies to every single organization out there that relies on the Internet to conduct business. If you want to influence the digital world, you have to participate in defining how that world works.
Why Standards Matter to Organizations
Organizations (by which I mean companies, governments, educational institutions, etc etc etc) that participate in standards development often find themselves in a position of influence. They drive innovation while ensuring their needs and perspectives are addressed. Standards participation provides a direct channel to discuss regulatory challenges, improve interoperability, and gain early insights into technological trends. Despite these benefits, many organizations hesitate to get involved, perceiving the process as costly, time-consuming, or overly complex. OK, granted, they aren’t entirely wrong in that perception, but I think the benefits outweigh the costs.
From my experience working with standards bodies and related NGOs since 2010, it’s clear that active participation is the key to meaningful impact. The organizations that dedicate time and resources to this effort are the ones that shape the dialogue, influence regulations, and, ultimately, improve the functionality of the Internet and related technologies.
Early Engagement: A Competitive Advantage
One point from the NSA/CISA report that I keep coming back to is the emphasis on early engagement in standards development. Getting involved early in emerging technologies lets organizations take the lead, shaping standards to fit their goals. Whether it’s contributing to the development of cryptographic standards to counter the looming quantum threat or collaborating on protocols to enhance digital identity, early involvement ensures organizations are not just reacting to changes but actively shaping them.
The Consequences of Sitting on the Sidelines
The report highlights a harsh reality: failing to engage early risks allowing other players—potentially with competing interests—to dominate the conversation. This isn’t just a hypothetical concern; history is full of examples where delayed participation led to standards that didn’t account for the needs of key stakeholders, creating hurdles for businesses and end-users alike. (I’m going to point to RFC 8471, “The Token Binding Protocol” as one example some of my readers will be familiar with. That specification was pretty much abandoned because it didn’t meet the need.)
A particularly compelling example lies in the realm of cybersecurity. Standards for multi-factor authentication and passwordless systems, for instance, have been driven by those actively participating in groups like the FIDO Alliance. Organizations that joined these efforts early have seen the benefits of enhanced security measures that align with their operational realities.
The Role of Academia and Workforce Development
The report also rightly emphasizes the importance of fostering a standards-savvy workforce. Academic institutions should play a critical role here, but they can’t do it alone. Organizations must invest in training their employees, encouraging mentorship, and prioritizing standards participation as part of professional development. This investment isn’t just about building internal expertise—it’s about ensuring the longevity and relevance of the organization in a rapidly evolving technological landscape.
A Call to Action
If you’re wondering whether your organization should get involved, my answer is absolutely yes. The barriers to entry in standards development may seem high, but the rewards are higher. By participating, you gain influence, credibility, and a seat at the table where decisions that shape the future of technology are made. If you need advice on how to get there from here, reach out. The working group chairs of whatever space you’re interested are eager to help (ask me how I know!)
It’s not just about staying competitive; it’s about leading the way. Whether you’re in cybersecurity, telecom, or any field where innovation and interoperability matter, your voice can make a difference. Let’s make sure it’s heard!
And of course, I can help in other ways, though I’ll be the first to say you can do this on your own! I can, however, make your learning and engagement more efficient. Reach out if you want to learn more about navigating this process or need support with standards development. With my experience across various SDOs, I’m here to help guide you through the complexities of Internet standards development.
