The core issue lies in the tension between operational uptime and digital security. Many manufacturers provide machine builders and service providers with broad, persistent access to sensitive OT environments, creating vulnerabilities that are often exploited after an initial breach. According to Knud Kegel, CTPO at Secomea, the industry must transition from enabling connectivity to actively governing it.
Secomea advocates for a shift toward just-in-time access, where permissions are granted only for specific tasks and revoked immediately upon completion. This approach, paired with rigorous audit trails and automated isolation protocols, allows security teams to maintain visibility without sacrificing the support required for complex machinery. Rather than cutting off remote capabilities, the goal is to implement least-privilege models that prevent unauthorized lateral movement during a security incident. As regulatory pressure and insurance requirements tighten, establishing these visibility and containment controls has become a foundational element of modern industrial resilience.
Comments (0)
No comments yet. Be the first!