Operational Tech Is More Connected Than Ever. Zero Trust Can Keep It Running.

Director of Critical Infrastructure Solutions
Just last week, a coalition of global cyber authorities, including the U.K. National Cyber Security Centre, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and other Five Eyes partners, released new guidance on secure connectivity for operational technology (OT), titled Secure Connectivity Principles for Operational Technology.
Their message is that OT environments are more connected than ever. Unmanaged connectivity now represents a real risk to safety, uptime, and critical infrastructure.
That reality is visible on the factory floor.
Modern factories rely on software, not people, to manage temperature, materials, lubrication, faults, and production flow. Machines run continuously while humans supervise.
This shift, often labeled Industry 4.0, has erased traditional trust boundaries. OT is no longer isolated. It’s virtualized, networked, and increasingly indistinguishable from IT. Systems once protected by physical separation now depend on shared platforms and software-defined connections.
This is why Zero Trust is becoming critical in OT environments.
As connectivity increases, trust must be explicit, communication tightly controlled, and access continuously verified to keep critical systems running and contain failure when it occurs.
When OT starts to look like IT, security assumptions break
Historically, OT systems were discrete. Controllers were wired directly to machines. Communication paths were fixed. Security came from isolation.
That model no longer holds.
Today, controllers connect to Ethernet networks. Applications run on shared gateways. Data flows back to control centers, data centers, cloud platforms, and enterprise resource planning (ERP) systems.
Under the hood, many of these systems run on standard operating systems like Linux and Windows.
That brings flexibility and efficiency. It also brings the same vulnerabilities IT has wrestled with for years.
The difference is tolerance for failure. In IT, a security issue might disrupt email or reporting. In OT, it can halt production, disrupt power, or stop water from flowing.
Zero Trust becomes necessary the moment isolation disappears.
Why traditional security models don’t work in OT
A common mistake is trying to apply IT security controls directly to operational environments.
OT systems operate at high speed. Thousands of events can happen every second. Latency and stability matter. You can’t introduce tools that hook deep into the kernel, force reboots, or slow execution.
That rules out many endpoint-centric approaches. It also explains why security teams in operational environments are cautious. Their priority is keeping systems running. Any control that risks disruption will be resisted.
Zero Trust doesn’t require invasive agents or constant intervention. It focuses on enforcing communication boundaries, not interfering with how systems operate.
What the new OT guidance says about Zero Trust
Last week's report outlines eight design principles that map directly to a Zero Trust model for OT.
Together, they describe how to build connectivity that assumes compromise and prioritizes resilience.
Here are the eight principles and how they align with Zero Trust:
- Balance risks and opportunities. Every connection must have a clear business purpose, an understood risk tolerance, and a named owner. Zero Trust starts by eliminating assumed access.
- Limit the exposure of your connectivity. Reduce what is reachable, when it’s reachable, and by whom. Always-on access increases risk. Least-privilege and just-in-time access reduce it.
- Centralize and standardize network connections. Ad hoc connectivity creates blind spots. Zero Trust relies on consistent enforcement points where policy can be applied and audited.
- Use standardized and secure protocols. Known-good traffic matters. Zero Trust treats all traffic as untrusted until verified against expected behavior.
- Harden your OT boundary. Boundaries are active control planes, not static lines. Zero Trust enforces policy at boundaries designed to evolve with threats.
- Limit the impact of compromise. Segmentation restricts lateral movement and reduces blast radius when incidents occur.
- Ensure all connectivity is logged and monitored. Visibility is foundational. Zero Trust without continuous monitoring is unenforceable.
- Establish an isolation plan. Isolation is a resilience strategy, not a failure state. Zero Trust assumes parts of the environment may need to be cut off to keep critical systems running.
Taken together, these principles define what Zero Trust looks like in real-world OT environments.
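As an added illustration (not code from the guidance or from this post), the following Python encodes several of these principles as a default-deny connectivity policy: a named owner and purpose for every permitted flow, just-in-time access windows, an allowlist of standardized protocols, a log of every decision, and an isolation mode that cuts non-critical flows while critical ones keep running. All device names, protocols, owners and times are constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
ALLOWED_PROTOCOLS = {"opcua", "modbus/tcp", "mqtt-tls"}  # constructed allowlist (principle 4)

@dataclass
class Rule:                      # one explicitly permitted flow; nothing else is assumed
    flow: tuple                  # (src, dst, protocol)
    owner: str                   # named owner accountable for the connection (principle 1)
    purpose: str                 # stated business purpose (principle 1)
    critical: bool = False       # keeps running under the isolation plan (principle 8)
    window: tuple = None         # (start, end) for just-in-time access; None = standing (principle 2)

@dataclass
class Policy:
    rules: list
    isolation_mode: bool = False
    log: list = field(default_factory=list)  # every decision is recorded (principle 7)
    def evaluate(self, src, dst, protocol, at):
        decision = self._decide((src, dst, protocol), at)
        self.log.append((at.isoformat(), src, dst, protocol, decision))
        return decision
    def _decide(self, flow, at):
        if flow[2] not in ALLOWED_PROTOCOLS:
            return "deny:non-standard-protocol"
        for r in self.rules:
            if r.flow != flow:
                continue
            if self.isolation_mode and not r.critical:
                return "deny:isolation-plan"
            if r.window and not (r.window[0] <= at <= r.window[1]):
                return "deny:outside-jit-window"
            return f"allow:{r.owner}"
        return "deny:no-rule"                    # default deny: no assumed access

def run_demo():
    """Constructed plant (PLC, historian, vendor jump host); returns decisions and log size."""
    utc, day = timezone.utc, (2025, 1, 10)
    p = Policy([Rule(("plc-line1", "historian", "opcua"), "ops-team", "telemetry", critical=True),
                Rule(("vendor-jump", "plc-line1", "modbus/tcp"), "maint-lead", "firmware check",
                     window=(datetime(*day, 9, tzinfo=utc), datetime(*day, 11, tzinfo=utc)))])
    t_in, t_out = datetime(*day, 10, tzinfo=utc), datetime(*day, 15, tzinfo=utc)
    out = [p.evaluate("plc-line1", "historian", "opcua", t_in),          # allow:ops-team
           p.evaluate("vendor-jump", "plc-line1", "modbus/tcp", t_in),   # allow:maint-lead
           p.evaluate("vendor-jump", "plc-line1", "modbus/tcp", t_out),  # deny:outside-jit-window
           p.evaluate("laptop", "plc-line1", "modbus/tcp", t_in),        # deny:no-rule
           p.evaluate("vendor-jump", "plc-line1", "telnet", t_in)]       # deny:non-standard-protocol
    p.isolation_mode = True                                               # isolation plan invoked
    out += [p.evaluate("plc-line1", "historian", "opcua", t_in),         # critical flow still allowed
            p.evaluate("vendor-jump", "plc-line1", "modbus/tcp", t_in)]  # deny:isolation-plan
    return out, len(p.log)
```

The log captures denied as well as allowed decisions, which is what makes the policy auditable rather than merely enforced.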
Why Zero Trust in OT is a must-have
The release of the Secure Connectivity Principles for Operational Technology reflects the reality that OT is more connected, software-driven, and exposed than ever before.
Today, OT connectivity must be intentional and resilient by design. That’s exactly what a Zero Trust approach delivers. It aligns security with the core mission of OT: keeping critical systems running.
For organizations responsible for essential services, this report is a signal that the shift is already underway.
Zero Trust is no longer optional. It’s becoming the operating model for modern OT security.