US Agencies Issue Zero Trust Guidance for OT Security

“Outlining practical steps to secure critical infrastructure systems while meeting safety and uptime requirements,” the new guide from U.S. government agencies reframes zero trust not as an IT playbook to be copied wholesale, but as a set of layered, context‑aware choices for operational technology (OT) environments.

Who produced the guidance and who it targets

The publication, Adapting Zero Trust Principles to Operational Technology, was developed by a multi‑agency working group led by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) alongside federal partners. The document is designed for security practitioners and OT operators and aims to bridge a long‑standing gap between IT security models and the safety‑critical, uptime‑focused demands of industrial systems.

Addressing IT–OT convergence risks

The guide foregrounds a simple fact: as industrial systems become increasingly connected, the attack surface has expanded and adversaries are finding routes from IT into OT. It calls out weak network segmentation, compromised credentials, and supply‑chain vulnerabilities as common pivot points. The text cites malware families such as CrashOverride and BlackEnergy as examples that demonstrate adversaries’ ability to disrupt physical processes, and it highlights living‑off‑the‑land (LOTL) techniques that let attackers blend into normal operations.

Because these threats can produce physical consequences—service disruption, equipment damage and safety hazards—the guidance instructs that risk assessments must consider both digital and physical impacts when prioritizing defenses.

Core principles for zero trust in OT

  • Establish comprehensive asset inventories using passive monitoring to account for legacy and hard‑to‑scan devices.
  • Enforce network segmentation and microsegmentation to limit lateral movement inside industrial networks.
  • Implement identity and access controls adapted to legacy systems that may lack modern authentication features.
  • Secure remote access through the use of jump hosts and multifactor authentication (MFA).
  • Integrate supply‑chain risk management into procurement decisions to reduce exposure from third parties and components.

Rather than prescribing a single technical architecture, the agencies recommend a layered approach tailored to the operational environment and emphasize collaboration between IT, OT and security teams to balance protection with operational continuity.

Balancing security with operational constraints

The guidance explicitly recognizes constraints that differentiate OT from IT: limited patching windows, minimal logging capabilities, and long equipment lifecycles. Where modern security features cannot be deployed, the document recommends compensating controls such as enhanced monitoring and strict access policies. Incident response and recovery receive particular attention: organizations are advised to align cyber response with existing safety procedures and business continuity plans to minimize disruption during attacks.
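The first two principles above (passive asset inventory, segmentation to limit lateral movement) and the compensating control of enhanced monitoring described in this paragraph share one mechanism: watching traffic at a span or tap point rather than probing devices. The following is an added illustration of that mechanism, written for this page and not taken from the CISA guide or the article. The zone map, the allow rules and the flow records are all constructed; a real site would derive them from its own architecture and capture feed.

```python
"""
Passive monitoring pass over constructed flow records (added example, not from the guide).

- Builds an asset inventory from observed conversations only, so legacy or fragile
  devices are never actively scanned.
- Flags cross-zone flows that are not covered by an explicit allow rule, which is
  how a segmentation policy is checked without touching the devices themselves.
- Lists assets whose address falls outside every known zone, i.e. inventory gaps.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Constructed zone map (assumption). Names loosely follow a Purdue-style layout.
ZONES = {
    "enterprise_it": ip_network("10.10.0.0/16"),
    "dmz": ip_network("10.20.0.0/24"),
    "control": ip_network("192.168.100.0/24"),
}

# Constructed allowlist of permitted cross-zone conversations:
# (source zone, destination zone, destination port).
ALLOWED = {
    ("enterprise_it", "dmz", 443),   # operators reach the jump host over TLS
    ("dmz", "control", 502),         # jump host to PLCs over Modbus/TCP
    ("control", "dmz", 4840),        # OPC UA telemetry from controllers to the DMZ historian
}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    proto: str


@dataclass
class Asset:
    ip: str
    zone: str
    ports_seen: set[int] = field(default_factory=set)   # services observed as destinations
    talks_to: set[str] = field(default_factory=set)     # peers this host initiated flows to


# Constructed sample of flows as a tap or span port would see them.
SAMPLE_FLOWS = [
    Flow("10.10.5.20", "10.20.0.10", 443, "tcp"),          # IT workstation -> jump host
    Flow("10.20.0.10", "192.168.100.11", 502, "tcp"),      # jump host -> PLC
    Flow("192.168.100.11", "10.20.0.20", 4840, "tcp"),     # PLC -> historian
    Flow("10.10.5.20", "192.168.100.11", 502, "tcp"),      # IT workstation straight to PLC
    Flow("192.168.100.11", "192.168.100.12", 502, "tcp"),  # PLC to PLC inside the control zone
    Flow("172.16.0.9", "192.168.100.11", 44818, "tcp"),    # unmapped address -> PLC (EtherNet/IP)
]


def zone_of(ip: str) -> str:
    """Return the configured zone name for an address, or 'unknown' if none matches."""
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"


def build_inventory(flows: list[Flow]) -> dict[str, Asset]:
    """Derive an asset list purely from who talked to whom, with no active probing."""
    inventory: dict[str, Asset] = {}
    for f in flows:
        for ip in (f.src, f.dst):
            inventory.setdefault(ip, Asset(ip=ip, zone=zone_of(ip)))
        inventory[f.dst].ports_seen.add(f.dport)
        inventory[f.src].talks_to.add(f.dst)
    return inventory


def segmentation_violations(flows: list[Flow]) -> list[Flow]:
    """Cross-zone flows not matched by an explicit allow rule. Intra-zone traffic is skipped."""
    violations = []
    for f in flows:
        src_zone, dst_zone = zone_of(f.src), zone_of(f.dst)
        if src_zone == dst_zone:
            continue
        if (src_zone, dst_zone, f.dport) not in ALLOWED:
            violations.append(f)
    return violations


def unmapped_assets(inventory: dict[str, Asset]) -> list[str]:
    """Addresses seen on the wire that belong to no configured zone."""
    return sorted(a.ip for a in inventory.values() if a.zone == "unknown")


if __name__ == "__main__":
    inv = build_inventory(SAMPLE_FLOWS)
    for asset in inv.values():
        print(f"{asset.ip:16} zone={asset.zone:14} listens_on={sorted(asset.ports_seen)}")
    for v in segmentation_violations(SAMPLE_FLOWS):
        print(f"BOUNDARY VIOLATION {v.src} ({zone_of(v.src)}) -> {v.dst}:{v.dport} ({zone_of(v.dst)})")
    print("unmapped assets:", unmapped_assets(inv))
```

On the constructed sample the pass produces six assets, two boundary violations (the workstation reaching a PLC directly, bypassing the jump host, and the unmapped address speaking EtherNet/IP to a controller) and one inventory gap. Because nothing here sends a packet to a device, the same pass can run against a capture from a fragile legacy segment where active scanning is off the table.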

Underpinning this advice is a strategic shift away from perimeter defenses toward models that “assume compromise” and require continuous verification of access. The goal is not to eradicate risk but to improve resilience through informed, context‑aware decisions.

What this means for security practitioners, OT operators, and procurement leaders

  • Security practitioners and OT operators: Expect to prioritize visibility and asset discovery via passive monitoring, to implement segmentation, and to refine incident response so cyber playbooks dovetail with physical‑safety procedures.
  • Procurement leaders: The guidance makes supply‑chain risk management a procurement consideration—buyers are asked to weigh security posture and component provenance when acquiring OT equipment.
  • IT teams working with OT: The document requires cross‑discipline collaboration; IT controls and tools cannot simply be transplanted into OT without adaptation for availability and safety needs.

Adopting zero trust with a resilience mindset

The agencies conclude that adopting zero trust in OT is not about eliminating risk entirely but about improving resilience. That framing reframes success metrics: reduced lateral movement, improved identification of anomalous behavior, tighter remote access controls, and alignment of cyber and safety incident playbooks become measurable steps toward sustained operational continuity.

For organizations charged with keeping lights on, pumps running and factories safe, the guide is practical rather than prescriptive: it catalogues options—segmentation, identity controls, jump hosts, supply‑chain scrutiny—and asks operators to choose combinations that match their safety requirements and availability constraints. The immediate question left on the table is operational: which compensating controls can be deployed quickly without degrading safety or uptime, and how will IT, OT and security teams institutionalize the cross‑domain coordination the guide prescribes?

Original report (Infosecurity Magazine): https://www.infosecurity-magazine.com/news/zero-trust-guidance-operational/