
Zero Trust Model Fails in IoT/OT Environments, Security Analysis Shows

TL;DR

Zero trust architecture, effective in enterprise IT, breaks down in IoT/OT systems due to implicit trust relationships and centralized control paths it doesn't model.

Key Points

  • Zero trust assumes trust is explicit, identity-centric, and continuously enforceable, assumptions that IoT/OT systems violate by design
  • Most OT breaches propagate through shared controllers, firmware, and management platforms, not identity failures or segmentation bypasses
  • Visibility gaps, functionally flat networks despite segmentation, and durable implicit trust create persistent blind spots in OT environments
  • Unified Linkage Model (ULM) is proposed as a supplement to map the functional dependencies, adjacency, inheritance, and trust propagation that zero trust doesn't capture
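
The sketch below is an added illustration of the "functionally flat despite segmentation" point for defenders reviewing an asset inventory. It is not the ULM, whose details this summary does not give, and it is not code from the source article. The asset names, segments, and dependency labels are constructed sample data.

```python
from collections import defaultdict, deque

# Constructed inventory: asset -> (network segment, shared dependencies).
# Every name here is hypothetical sample data, not from the article.
ASSETS = {
    "plc-line1":    ("seg-a", {"controller:eng-ws", "firmware:vendorX-2.1"}),
    "plc-line2":    ("seg-b", {"controller:eng-ws", "firmware:vendorX-2.1"}),
    "hmi-1":        ("seg-a", {"controller:eng-ws", "mgmt:cloud-portal"}),
    "hvac-ctrl":    ("seg-c", {"mgmt:cloud-portal", "firmware:vendorY-1.0"}),
    "cam-lobby":    ("seg-d", {"mgmt:cloud-portal"}),
    "badge-reader": ("seg-e", {"firmware:vendorZ-3.3"}),
}

def build_links(assets):
    """Map each dependency to the set of assets that rely on it."""
    by_dep = defaultdict(set)
    for name, (_segment, deps) in assets.items():
        for dep in deps:
            by_dep[dep].add(name)
    return by_dep

def functional_reach(assets, start):
    """Assets linked to `start` through chains of shared dependencies.

    Breadth-first search over the asset/dependency graph; network
    segments are deliberately ignored, because the shared controller,
    firmware, or management plane is the path being modelled.
    """
    by_dep = build_links(assets)
    seen, queue = {start}, deque([start])
    while queue:
        current = queue.popleft()
        for dep in assets[current][1]:
            for peer in by_dep[dep] - seen:
                seen.add(peer)
                queue.append(peer)
    return seen - {start}

def cross_segment_links(assets):
    """Dependencies that join assets sitting in different segments."""
    result = {}
    for dep, members in build_links(assets).items():
        if len({assets[m][0] for m in members}) > 1:
            result[dep] = sorted(members)
    return result

if __name__ == "__main__":
    print(sorted(functional_reach(ASSETS, "plc-line1")))
    print(cross_segment_links(ASSETS))
```

In this sample, `plc-line1` is functionally linked to assets in three other segments even though no network path between those segments is modelled, while `badge-reader` shares nothing and stays isolated.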

Why It Matters

Security leaders deploying zero trust in industrial and IoT environments are protecting the wrong attack surfaces while leaving critical infrastructure vulnerable. Understanding how trust actually propagates through shared infrastructure, firmware, and management planes is essential for defending operational technology systems where compromise doesn't follow traditional network paths.

Source: www.csoonline.com