Industries with identified critical infrastructures should have full and complete participation in the development of cybersecurity standards and best practices. Any standards should be performance-based rather than technology-based to ensure that they are not out-paced by the advancement of technology. Owners and operators know best how to protect their own systems, and it is nearly impossible for the speed of bureaucracy to keep pace with ever changing threats.