Zscaler and Siemens partner to bring zero-trust security to operational technology systems

Get a free Techzine subscription!

Zscaler and Siemens announced a partnership this week, where the two vendors will introduce zero-trust security to operational technology (OT) systems. OT systems are usually found in industrial networks but are becoming prevalent in other industries.

Traditionally, OT systems ran proprietary networks in isolation from the company’s other data networks. Industry leaders projected that information technology and OT systems would eventually marry, but it has been a slow trek to get here.

Some OT systems have integrated with IT networks in building facilities including, LED lighting, air conditioning, and alarm systems, to augment smart building initiatives.

The pandemic brought IT and OT together

The push to integrate OT systems and IT networks has traditionally been the exception rather than the norm in many industrial settings.

The pandemic forced many organizations to go down the IT-OT path, as workers needed access to OT systems from home. The most cost-effective way was to enable VPN access through the data network. It allows workers to manage, control, and diagnose systems.

Although the VPNs worked, they are not ideal since they inadvertently create a backdoor in an ‘internet of things’ environment, significantly expanding an organization’s attack surface and exposing it to large-scale hacking.

Tackling the security problem

Some organizations have opted for a firewall-based network segmentation, which can work but is complicated to set up and even more difficult to keep updated in dynamic environments.

The reason for this is that every time a device moves, the segmentation policies have to be updated. Many organizations use coarse-grained segmentation but have struggled to adopt fine-grained segmentation, which is what’s needed in IoT environments to reduce the effects of a breach.

‘Zero trust’ assumes that no device can talk to another without explicit permission, which makes networks more secure and resilient against attacks by stopping problems before they start.