The Cloud Security Alliance has released a report recommending a zero-trust approach for operational technology and industrial control systems at critical infrastructure organizations as these entities increasingly become interconnected through the cloud and Industrial Internet of Things technologies, according to Security Boulevard.The zero-trust security method emphasizes continuous verification of user and application access, departing from traditional assumptions of trust. The guidance addresses the pressing need to secure critical sectors, including energy, healthcare, and financial services, in light of threats from nation-state actors like China, Russia, and Iran. The report outlines a five-step strategy for adopting zero trust in these complex environments, starting with asset inventory and risk prioritization, followed by mapping data flows, designing zero-trust architecture, creating restrictive access policies, and maintaining continuous monitoring. It emphasizes the unique challenges of securing older systems now embedded in highly integrated networks, where air-gapped systems are rare. Modernization challenges include handling legacy protocols and adapting systems for real-time monitoring without disrupting operations.
Cloud Security, Zero trust, Critical Infrastructure Security
CSA advances zero trust for critical infrastructure

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



