{"id":207493,"date":"2026-04-30T11:25:00","date_gmt":"2026-04-30T15:25:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/30\/us-agencies-promote-zero-trust-practices-for-operational-technology-networks\/"},"modified":"2026-04-30T14:30:53","modified_gmt":"2026-04-30T18:30:53","slug":"us-agencies-promote-zero-trust-practices-for-operational-technology-networks","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/30\/us-agencies-promote-zero-trust-practices-for-operational-technology-networks\/","title":{"rendered":"US agencies promote zero-trust practices for operational technology networks"},"content":{"rendered":"<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/zero-trust-operational-technology-us-guidance\/818950\/\">US agencies promote zero-trust practices for operational technology networks<\/a><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/zero-trust-operational-technology-us-guidance\/818950\/\">https:\/\/www.cybersecuritydive.com\/news\/zero-trust-operational-technology-us-guidance\/818950\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-30 11:25:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.cybersecuritydive.com\">www.cybersecuritydive.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>A group of U.S. government agencies on Wednesday offered advice for critical infrastructure organizations on applying zero-trust (ZT) principles to their operational technology (OT) environments.<br \/>\nTaking a zero-trust approach to these industrial systems requires careful consideration, the new government publication says, \u201cbecause OT systems interact with the physical environment and are constrained by availability and safety requirements, as well as legacy technology with long lifespans.\u201d<br \/>\nThe document \u2014 co-authored by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the departments of Defense, Energy and State \u2014 describes the unique challenges that OT environments pose, the importance of clear governance frameworks and supply-chain oversight, and the steps that infrastructure operators should take to implement zero trust.<\/p>\n<p>The government advice comes as hackers increasingly turn their attention to OT operators, many of which use insecure legacy technology, lack adequate cybersecurity budgets and cannot tolerate significant downtime.<br \/>\n\u201cThis guide moves owners and operators from reactive to proactive,\u201d Brett Leatherman, the assistant director of the FBI\u2019s Cyber Division, said in a statement. \u201cResilience in OT isn\u2019t achieved through any single control; it requires layered defenses that raise the cost for adversaries at every stage.<br \/>\nOrganizations should begin by establishing governance structures, the publication says, including \u201cshared accountability\u201d between stakeholders and the use of supply-chain risk management tools such as software bills of materials. Next, they must identify and analyze their assets, implement processes for tracking changes to those assets and evaluate the threats the assets face.<br \/>\nThe document then recommends specific zero-trust security practices, such as network segmentation, identity management, secure remote access, vulnerability management and data encryption. But it warns that most of these practices will work differently in OT environments than in traditional IT environments.<br \/>\nIn particular, ideal access controls may not be possible in OT environments due to operational needs, the document says, so organizations should stack a series of compensating controls on top of each other to make it harder for hackers to exploit access-control weaknesses. The document also contrasts how IT and OT environments can implement network segmentation, highlighting the difficulties that exist in the OT world.<\/p>\n<p>The document also includes sections on threat detection, response and recovery, with guidance and recommendations about the OT-specific considerations for each of those activities. For example, it notes that endpoint detection and response (EDR) software is sometimes difficult to run on the embedded systems prevalent in OT environments, and it offers advice for how to deal with those challenges. It also suggests ways for incident responders to contain attacks on OT systems.<br \/>\nShared organizational responsibility is a major theme of the publication, which warns that \u201ctools and technologies alone are insufficient\u201d to implement zero-trust principles.<br \/>\n\u201cStrong collaboration between IT, OT, and cybersecurity teams is critical to achieving effective and sustainable implementation of technology and processes,\u201d the publication says. \u201cThis collaboration requires breaking down organizational silos, fostering mutual understanding, and tailoring ZT principles to the unique characteristics and operational requirements of each OT environment.\u201d<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>US agencies promote zero-trust practices for operational technology networks https:\/\/www.cybersecuritydive.com\/news\/zero-trust-operational-technology-us-guidance\/818950\/ Publish Date: 2026-04-30 11:25:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":207494,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/UlfU35ZgPb-tAzjX-jeIZU2J9RtcKE0bHQQ9wjzHxXA\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9HZXR0eUltYWdlcy0xMzY2NTU0MDkyLmpwZw==.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-207493","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/207493"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=207493"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/207493\/revisions"}],"predecessor-version":[{"id":207495,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/207493\/revisions\/207495"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/207494"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=207493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=207493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=207493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}