Identity and Access Management is emerging as a cornerstone of cybersecurity in operational technology and critical infrastructure, but its adoption remains complex and uneven, according to Industrial Cyber.
Experts warn that while identity-first models such as zero trust and least privilege offer strong security benefits, they face resistance due to legacy systems, financial costs, and cultural reluctance to change. "People do not inherently like change," said BeyondTrust's Morey Haber, stressing that failing to modernize identity controls could ultimately prove more costly. Industry voices highlight that IAM standards like IEC 62443 and NIST guidance provide frameworks, but often lack the specificity needed for real-world OT deployments. Overlay approaches and phased adoption are seen as practical strategies to bridge gaps without jeopardizing uptime. Looking forward, AI is expected to play a central role in automating verification and detecting anomalies, though it introduces new risks. Analysts agree that IAM will become the foundation of industrial resilience as IT and OT converge.
Experts warn that while identity-first models such as zero trust and least privilege offer strong security benefits, they face resistance due to legacy systems, financial costs, and cultural reluctance to change. "People do not inherently like change," said BeyondTrust's Morey Haber, stressing that failing to modernize identity controls could ultimately prove more costly. Industry voices highlight that IAM standards like IEC 62443 and NIST guidance provide frameworks, but often lack the specificity needed for real-world OT deployments. Overlay approaches and phased adoption are seen as practical strategies to bridge gaps without jeopardizing uptime. Looking forward, AI is expected to play a central role in automating verification and detecting anomalies, though it introduces new risks. Analysts agree that IAM will become the foundation of industrial resilience as IT and OT converge.
