
Zero Trust for Operational Technology: What the New CISA Guide Requires of Your Security Architecture

By OPSWAT

What is Zero Trust for OT?

Zero Trust for OT (operational technology) is a security architecture that eliminates implicit trust in industrial networks, requiring every user, device, and data transfer to be continuously verified based on identity, context, and risk before access is granted to any operational system or physical process. Unlike IT, OT Zero Trust must operate without disrupting continuous operations, safety systems, or legacy equipment that cannot run modern security agents.

Five U.S. government agencies (CISA, the Cybersecurity and Infrastructure Security Agency; the Department of Defense; the Department of Energy; the FBI; and the Department of State) published the most authoritative statement yet on industrial cybersecurity: Adapting Zero Trust Principles to Operational Technology. The message is unambiguous. Zero Trust is no longer a framework reserved for IT environments. It is now the expected security posture for every organization operating OT systems, from energy grids to water treatment facilities to government installations.

If you're an OT security leader reading this, the question isn't whether Zero Trust is the right direction. It's how you close the gap between a government mandate, with its compliance and audit requirements, and a facility running decades-old equipment, a stretched team, and a board asking what you're doing about it. This post answers that: what the CISA guide actually requires at each pillar, and where OPSWAT's platform maps to every one of them.

The guide names three pillars that every OT Zero Trust program must address: comprehensive asset visibility, robust IAM (identity and access management), and proactive supply chain risk management. It also names the adversaries driving urgency — nation-state groups like Volt Typhoon, which CISA has observed pre-positioning inside OT networks to maintain persistence and await activation.

Why Zero Trust in OT Is Fundamentally Different from IT

How is Zero Trust different in OT vs. IT?

In IT, Zero Trust is enforced through software — identity providers, endpoint agents, and access policies updatable in hours. OT environments operate under constraints that make direct IT approaches unworkable: legacy PLCs (Programmable Logic Controllers) with 20-year lifecycles that cannot run modern authentication agents, strict uptime requirements where a discovery packet can cause an unplanned shutdown, and a direct link between cybersecurity and physical safety that IT simply does not have.

The CISA guide is candid about these constraints. Implementing Zero Trust across aging industrial infrastructure takes years and significant investment. That tension is real.

What the guide makes clear is that the threat environment is not waiting for those plans to mature. As OT systems become increasingly interconnected with IT networks and remotely monitored, the traditional air-gap assumption no longer holds. Attackers have already adapted. The controls organizations implement today — even incremental ones — determine how much of that attack surface is exposed while the longer transformation is underway. The question is not whether to start. It is where.

CISA's guide identifies three priorities for Zero Trust in OT: comprehensive asset visibility, robust identity and access management, and proactive supply chain risk management. It also calls out the specific threat actors — Volt Typhoon, state-affiliated groups — already exploiting the gaps these controls are designed to close.

OPSWAT's platform was built for exactly this. Passive OT asset discovery without touching a single device. Hardware-enforced isolation that makes entire classes of remote attack physically impossible. Deep CDR™ Technology applied at every file transfer point — network, USB, data transfer. Identity and access enforcement at the session level before any connection reaches a control system.

Pillar 1 — Asset Visibility: You Cannot Protect What You Cannot See

What does asset visibility mean in OT security?

In OT environments, asset visibility means maintaining a complete, continuously updated inventory of every device on the industrial network — including legacy PLCs, RTUs (Remote Terminal Units), and HMIs (Human Machine Interfaces) — along with firmware versions and protocols, using passive monitoring methods that do not generate traffic that could disrupt sensitive control systems.

This is where most OT security programs carry their largest unaddressed gap, and the reasons are architectural, not organizational. Industrial networks are built around a fundamentally different device population than IT environments. A typical OT network contains PLCs, RTUs, DCS controllers, sensors, relays, HMIs, engineering workstations, and a growing layer of IIoT devices, each communicating in the precise protocol it was designed for: Modbus, EtherNet/IP, DNP3, PROFINET, OPC-UA, and dozens of proprietary variants. Standard IT discovery tooling cannot parse these protocols. It does not understand the semantics of a Modbus function code, cannot interpret a DNP3 data object, and has no model for what constitutes normal versus anomalous behavior in an EtherNet/IP implicit message exchange. When those tools encounter OT devices, they either return incomplete data or generate unexpected traffic that the receiving device was never designed to handle.

That second outcome is not hypothetical. Active scanning in OT environments has caused unplanned process interruptions and device lockouts in production facilities. This is why the CISA guide recommends passive monitoring as the appropriate method for OT asset discovery, and why that recommendation is not negotiable in environments with strict uptime requirements. Passive collection, deployed via network TAPs or SPAN ports, listens to traffic without injecting queries that could disrupt sensitive control systems. It observes what is communicating, how it is communicating, and what normal looks like, without touching a single device on the monitored network.

The coverage problem this approach must solve is compounded by the nature of OT communication patterns. Many devices communicate only during specific operational events: a PLC may only transmit during a production cycle, a relay may only report during a fault condition, a field sensor may have intermittent burst traffic separated by long silent intervals. A monitoring window that does not account for the full range of operational modes will produce an incomplete inventory — and the assets missing from that inventory are exactly the assets that cannot be protected, segmented, or monitored. According to SANS 2025 State of ICS/OT Cybersecurity data, asset visibility remains the top security investment priority for industrial organizations, yet fewer than 1 in 8 report full visibility across their environment from initial network access through to potential impact on physical processes. The gap is not a funding problem. It is a methodology problem.

Volt Typhoon exploits exactly this gap. The group's documented approach involves blending into normal network operations — using legitimate protocols, authorized pathways, and standard administrative tools — to establish persistent access inside OT environments. Without full visibility into what is on the network and what normal behavior looks like, those techniques are effectively invisible.

MetaDefender OT Security™, OPSWAT's OT security platform, addresses this with passive asset discovery and deep OT protocol analysis. By listening to network traffic rather than generating it, the platform builds a complete asset inventory and behavioral baseline without touching the devices being monitored — alongside vulnerability and patch management and compliance reporting in a single OT-native interface. Anomalous sessions, unexpected device communications, and unauthorized protocol interactions become detectable — before they escalate to operational impact.

Pillar 2 — Identity and Access: Legitimate Access Is the New Attack Vector

What are the biggest identity and access challenges in OT Zero Trust?

The hardest IAM challenge in OT is that attackers increasingly use legitimate access paths — valid credentials, authorized remote sessions, and standard engineering tools — rather than software exploits. The Iranian-affiliated actors described in a recent joint FBI and CISA advisory connected to internet-facing PLCs using standard industrial communication ports and interacted with control systems as if they were authorized operators.

The VPN, the most widely deployed remote access solution in OT environments, introduces a category of risk that is structural, not configurational. VPNs establish direct network-level connectivity that breaks the hierarchical isolation of the Purdue Model, dropping third-party vendors onto control network segments with no granular session control and no mechanism for least-privilege enforcement. Any device on the vendor's end of that tunnel, compromised or not, inherits a direct network path to production systems. For legacy OT endpoints with no native authentication capability, the exposure compounds further. These devices cannot log access events, cannot enforce session policies, and cannot terminate unauthorized connections. Whatever enforcement exists has to sit upstream of the device entirely, or it doesn't exist at all. MetaDefender Industrial Firewall™, OPSWAT's industrial firewall for OT networks, addresses the segmentation problem directly — enforcing zone-based segmentation and controlling lateral movement even when a vendor session is already inside the network.

The CISA guide makes the consequence of leaving this unaddressed concrete. State-affiliated threat actors reached and operated internet-facing PLCs using standard industrial communication ports and not through software exploits, but simply by connecting the way an authorized operator would. The credentials looked right. The protocols looked expected. Nothing flagged the session, because nothing was positioned to evaluate session legitimacy at the access layer.

MetaDefender OT Access enforces Zero Trust at the session level, before any connection reaches an OT asset. Every remote session, whether it's an internal engineer, a scheduled OEM maintenance window, or a third-party contractor connecting for the first time, is individually authenticated, scoped to the minimum required access, time-limited, and fully logged. Sessions are recorded, continuously monitored, and can be terminated in real time if behavior falls outside expected parameters. There is no standing network access, no persistent tunnel, and no path to assets outside what that specific session explicitly requires. And for legacy devices that can't participate in modern authentication, MetaDefender OT Access handles enforcement at the connection management layer, so the control exists regardless of what the device itself is capable of.

Pillar 3 — Supply Chain and Physical Ingress: Every File Transfer Is a Risk Event

What does supply chain risk management mean for OT environments?

In OT, supply chain risk encompasses both digital and physical transfer events: software updates delivered over networks, vendor laptops brought on-site, firmware loaded from USB drives, and engineering files transferred from IT into air-gapped control networks. Each represents a potential introduction of malicious content into systems that, once compromised, can directly affect physical processes.

Before any software artifact reaches the OT boundary, its integrity should already be established. MetaDefender Software Supply Chain™ addresses this on the IT side of the transfer chain — validating vendor-supplied engineering tools, firmware packages, and industrial software updates against SBOM data, confirming artifacts have not been tampered with in transit, and surfacing unknown components before they are cleared for transfer. By the time a file reaches the Kiosk inspection point or the MFT transfer workflow, it has already passed the IT-layer integrity check. So the boundary controls are reinforcing a decision already made, not compensating for one that was never taken.

This is the attack surface that network-based controls cannot fully address — but network-layer enforcement still plays a critical role once a supplier is inside. MetaDefender Industrial Firewall is critical for inspecting the actual industrial protocol payload of every vendor session. Even when a third-party connection is authorized, the firewall validates that commands stay within expected function codes and value ranges for that session — blocking malicious commands from a compromised vendor tool or tampered update in real time. It also enforces strict communication paths: a vendor-connected device can only reach the specific systems it has been scoped for, containing any supply chain compromise before it can move laterally across OT zones. And for known CVEs in OT components where the vendor patch hasn't shipped yet — which in OT is often months — the Industrial Firewall applies virtual patches at the network level, blocking exploitation without touching the device.
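An added example (not OPSWAT code) tying together the passive discovery described under Pillar 1 and the session-scoped command validation described above: it decodes constructed Modbus/TCP requests as a TAP/SPAN feed would deliver them, builds a per-device inventory without sending anything, and checks each request from a vendor session against an assumed allowlist of unit IDs, function codes, register block and value range. Device addresses, timestamps, the policy values and the helper names are all assumptions.

```python
import struct
from datetime import datetime

# Added example, not OPSWAT's code: a passive Modbus/TCP inventory from a
# TAP/SPAN feed (nothing is ever sent) plus allowlist checks for a scoped,
# time-limited vendor session. Addresses, times and policy are constructed.

def parse_modbus_tcp(frame: bytes) -> dict:
    """Decode the 7-byte MBAP header, the function code and the PDU body."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header + function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or length != len(frame) - 6:
        raise ValueError("malformed Modbus/TCP frame")
    return {"tid": tid, "unit": unit, "fc": frame[7], "pdu": frame[8:]}

def registers_touched(fc: int, pdu: bytes):
    """(first register, count, values written) addressed by a request PDU."""
    if fc == 3:                                  # read holding registers
        addr, qty = struct.unpack(">HH", pdu[:4])
        return addr, qty, []
    if fc == 6:                                  # write single register
        addr, value = struct.unpack(">HH", pdu[:4])
        return addr, 1, [value]
    return None, 0, []                           # other codes not modelled

def build_inventory(requests):
    """Inventory from (timestamp, client, server, frame) tuples seen on the TAP; first/last sighting flags one-off devices."""
    inventory = {}
    for ts, client, server, frame in requests:
        msg = parse_modbus_tcp(frame)
        dev = inventory.setdefault((server, msg["unit"]),
                                   {"first": ts, "last": ts, "fcs": set(), "clients": set()})
        dev["last"] = max(dev["last"], ts)
        dev["fcs"].add(msg["fc"])
        dev["clients"].add(client)
    return inventory

def check_request(policy, ts, client, frame):
    """Allow/deny one request against the session scope; returns (ok, why)."""
    msg = parse_modbus_tcp(frame)
    if not policy["start"] <= ts <= policy["end"]:
        return False, "outside session window"
    if client != policy["client"]:
        return False, "source is not the authorized session endpoint"
    if msg["unit"] not in policy["units"]:
        return False, f"unit {msg['unit']} not in session scope"
    if msg["fc"] not in policy["fcs"]:
        return False, f"function code {msg['fc']} not permitted"
    addr, qty, values = registers_touched(msg["fc"], msg["pdu"])
    lo, hi = policy["registers"]
    if addr is None or addr < lo or addr + qty - 1 > hi:
        return False, f"registers outside permitted block {lo}..{hi}"
    vlo, vhi = policy["values"]
    if any(not vlo <= v <= vhi for v in values):
        return False, f"written value outside {vlo}..{vhi}"
    return True, "allowed"

def mbap(unit, fc, body, tid=1):  # builds a request frame for the sample capture
    return struct.pack(">HHHB", tid, 0, len(body) + 2, unit) + bytes([fc]) + body

T0 = datetime(2025, 1, 1, 10, 0)
CAPTURE = [  # constructed: an HMI polling a PLC and a relay, then a vendor write
    (T0, "10.0.1.10", "10.0.2.20", mbap(1, 3, struct.pack(">HH", 0, 10))),
    (T0, "10.0.1.10", "10.0.2.30", mbap(2, 3, struct.pack(">HH", 0, 2))),
    (T0, "10.0.9.5", "10.0.2.20", mbap(1, 6, struct.pack(">HH", 40, 1500))),
]
VENDOR_POLICY = {"client": "10.0.9.5", "start": T0, "end": T0.replace(hour=12),  # assumed
                 "units": {1}, "fcs": {3, 6}, "registers": (40, 49), "values": (0, 2000)}
```

Run `build_inventory(CAPTURE)` to see the two devices and which clients and function codes touched each; feed the same frames to `check_request` to see the HMI traffic rejected as outside the vendor scope and the in-range setpoint write allowed.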

MetaDefender Kiosk™, OPSWAT's removable media security solution, intercepts and inspects every piece of removable media before it enters a secure zone. Every file is scanned through Metascan™ Multiscanning across more than 30 anti-malware engines, evaluated by Predictive Alin AI for pre-execution zero-day detection, and processed through Deep CDR™ Technology, which reconstructs the file to a known-safe state — removing embedded threats while preserving the legitimate content a technician needs to do their job. MetaDefender Media Firewall, OPSWAT's removable media scanning enforcement solution, extends this enforcement to USB ports at the endpoint level — applying hardware-based validation that only removable media already scanned and approved by MetaDefender Kiosk can connect to a protected workstation, regardless of where in the facility it is located. MetaDefender Endpoint™, OPSWAT's advanced endpoint protection solution, is deployed on critical endpoints to validate whether files from removable media devices were first scanned and processed by MetaDefender Kiosk. This ensures that only validated files can be opened, copied, or accessed by the endpoint, and that unauthorized or unscanned files are blocked from reaching critical environments.

For transfers that cross network zones — from IT into OT, or from cloud-connected systems into isolated control environments — MetaDefender Optical Diode™, OPSWAT's data diode solution, provides hardware-enforced one-way data flow. This includes operational data such as historian values, sensor telemetry, and process data that flows outward from the OT network to IT systems, analytics platforms, or cloud infrastructure for monitoring and reporting. No inbound command, connection request, software update, or payload can traverse the boundary in the reverse direction. The security guarantee does not depend on correct configuration, regularly patched software, or access credential integrity, because none of those software-layer factors have any path to override the hardware constraint. For organizations operating legacy control systems that cannot be upgraded, cannot run endpoint agents, and cannot tolerate security-induced downtime, this is the architecture the CISA guide and the broader industrial security community have converged on as the appropriate technical answer.

MetaDefender Managed File Transfer™ (MFT) addresses the structured transfer requirement for organizations that need to move operational files between zones with full inspection, audit logging, and workflow control. It enforces content verification at every transfer event, ensuring that the file transfer pathway itself does not become an unmonitored ingress point.

Not every boundary can be protected by policy. Some require physics. Cross-Domain Solutions (CDS) enforce hardware-level boundaries between OT and IT networks, where no software misconfiguration, stolen credential, or zero-day can open an inbound path. MetaDefender Optical Diode and MetaDefender Unidirectional Security Gateway™ are both Common Criteria EAL4+ certified and [support compliance with NERC CIP, IEC 62443, NRC 5.71, NIST 800-82, and ISO 27001](https://www.opswat.com/blog/data-diodes-compliance-frameworks) — the full stack of frameworks governing critical infrastructure in energy, nuclear, chemical, and defense.

How OPSWAT Maps to the CISA Zero Trust OT Framework

The CISA guide aligns to the NIST CSF (Cybersecurity Framework) 2.0 functions — Govern, Identify, Protect, Detect, Respond, Recover. The table below maps each requirement to the relevant OPSWAT capability:

| CISA ZT OT Requirement | OPSWAT Support | NIST CSF 2.0 Function |
|---|---|---|
| Passive OT asset inventory | MetaDefender OT Security | Identify |
| OT behavioral baselining & anomaly detection | MetaDefender OT Security | Detect |
| IT/OT boundary monitoring | MetaDefender OT Security | Detect |
| Endpoint detection at HMI / engineering workstation | MetaDefender Endpoint | Detect |
| LOTL technique detection | MetaDefender Endpoint, MetaDefender OT Security | Detect |
| OT network zone segmentation | MetaDefender Industrial Firewall | Protect |
| Microsegmentation with granular protocol controls | MetaDefender Industrial Firewall | Protect |
| Virtual patching for unpatched legacy systems | MetaDefender Industrial Firewall | Protect |
| Soft segmentation during incident containment | MetaDefender Industrial Firewall | Respond |
| Hardware-enforced unidirectional data flow | MetaDefender Optical Diode | Protect |
| Secure remote access — MFA, JIT, least privilege | MetaDefender OT Access | Protect |
| Privileged Access Management (PAM) | MetaDefender OT Access | Protect |
| Third-party / vendor access control | MetaDefender OT Access | Govern |
| Logical access restriction during containment | MetaDefender OT Access, MetaDefender Industrial Firewall | Respond |
| Removable media inspection & sanitization | MetaDefender Kiosk | Protect |
| Transient cyber asset protection | MetaDefender Drive | Protect |
| USB port enforcement at endpoint | MetaDefender Media Firewall, MetaDefender Endpoint | Protect |
| Industrial protocol command validation for vendor sessions | MetaDefender Industrial Firewall | Protect |
| System lateral movement restriction | MetaDefender Industrial Firewall | Protect |

Zero Trust in OT is not a product you purchase. The CISA guide is clear on this point — tools and technologies are necessary but insufficient on their own. What organizations need is a platform built for environments where availability, safety, and compliance are non-negotiable. OPSWAT's MetaDefender™ Platform delivers that architecture across the full scope of the CISA mandate — from the inbox where initial access begins, to the hardware-enforced boundary where commands to critical systems end.

As the table above shows, OPSWAT covers every CISA-aligned control category across all six NIST CSF 2.0 functions in a single platform — a scope no OT pure-play vendor matches. Ready to assess where your OT environment stands against the CISA Zero Trust framework?


Frequently Asked Questions

What is the CISA Zero Trust OT guide?

The Adapting Zero Trust Principles to Operational Technology guide, published in April 2026 by CISA alongside the Departments of Defense, Energy, and State and the FBI, provides a framework for applying Zero Trust security architecture to industrial and OT environments. It identifies three core pillars — asset visibility, identity and access management, and supply chain risk management — and aligns to the NIST CSF 2.0 framework.

Does Zero Trust apply to legacy OT systems that cannot be patched?

Yes — and the CISA guide specifically addresses this challenge. For legacy systems that cannot support modern authentication or endpoint agents, compensating controls apply: passive monitoring that does not touch the device, hardware-enforced network isolation, and strict physical media controls that prevent malware introduction at points where software security cannot reach.

How does email security relate to OT Zero Trust?

Email is the primary vector for credential theft and initial access that ultimately reaches OT environments. A Zero Trust OT architecture that does not address the identity layer feeding remote access and VPN systems has a fundamental gap. Preventing phishing-delivered credential compromise is the first enforcement point in an OT Zero Trust chain.

What regulations require Zero Trust controls for OT?

The CISA guide aligns to NIST CSF 2.0 and references NIST SP 800-82 Rev. 3. Related frameworks that mandate or strongly recommend specific OT controls include NERC CIP (energy sector), NRC RG 5.71 (nuclear), IEC 62443 (industrial control systems), and NIS2 (EU-wide). Several of these frameworks specifically reference hardware-enforced unidirectional gateways for high-security zones.

Where should an organization start with Zero Trust OT implementation?

CISA recommends beginning with asset visibility — you cannot apply access policies or enforce Zero Trust principles to assets you have not inventoried. Passive OT network monitoring that builds a baseline without disrupting operations is the lowest-risk first step and the foundation every other control depends on.

What is Volt Typhoon and why does it matter for OT security?

Volt Typhoon is a People's Republic of China state-sponsored threat group that CISA has observed pre-positioning inside U.S. critical infrastructure OT networks — using legitimate credentials, authorized pathways, and standard administrative tools rather than software exploits to maintain persistent access. The group's documented tradecraft is the central reason CISA's Zero Trust OT guide emphasizes asset visibility, behavioral baselining, and session-level access enforcement: traditional perimeter and signature-based controls do not detect activity that looks indistinguishable from legitimate operator behavior.

What is the difference between a data diode and a unidirectional security gateway?

Both enforce hardware-level one-way data flow between network zones. A data diode is the underlying optical hardware component that physically permits transmission in only one direction. A unidirectional security gateway is a complete system built around a data diode, adding protocol translation, application-layer replication, and management software so that operational data (historian values, sensor telemetry) can be safely replicated from OT to IT without exposing an inbound path. OPSWAT's MetaDefender Optical Diode and MetaDefender Unidirectional Security Gateway are both Common Criteria EAL4+ certified.

How long does Zero Trust OT implementation take?

CISA's guide is candid that implementing Zero Trust across aging industrial infrastructure takes years and significant investment. The guide's recommendation is not to wait for a complete transformation before acting — incremental controls applied at the highest-risk entry points (remote access, removable media, IT/OT boundary file transfers) close meaningful attack surface in months, while the longer architectural work continues in parallel.
