Operational technology (OT) environments are prime targets for state-sponsored groups, cybercriminals and hacktivists, all looking to exploit vulnerabilities in industrial control systems for the purposes of espionage, disruption or destruction.
According to the 2025 OT Cybersecurity Year in Review report from Dragos, attackers are advancing faster than defenders. The report highlights a significant increase in attacks targeting OT environments—many of them sophisticated, coordinated and with major operational consequences. In this context, access management, network segmentation and leadership involvement are becoming key levers in strengthening security posture.
Weak access management in industrial systems poses a direct threat to the continuity of industrial operations. Traditionally isolated, OT systems are now increasingly connected to IT networks to enhance performance and leverage new technologies such as cloud computing and artificial intelligence (Industry 4.0). This IT-OT convergence has increased the cyber risk to OT environments, which were not built with integrated security in mind.
Reducing these risks involves both adopting innovative solutions and implementing solid access management processes. Here are a few avenues to explore:
- Establishing centralized identity and access management (IAM)
In industrial systems, access management is often decentralized and based on local accounts, which hampers the monitoring of identities and privileges, and opens the door to unauthorized access. Implementing centralized IAM is recommended to enhance organizations’ security posture. This centralization makes it possible to proactively and securely control, audit and revoke access.
- Implementing role-based access control (RBAC)
RBAC is an access management method that assigns permissions based on users’ roles. Grouping authorizations by role improves management and strengthens security through the principle of least privilege.
- Ensuring default account management
Default accounts—often built into operating systems and applications—are well known to attackers. To prevent exploitation, it’s recommended to disable these accounts or modify their configurations to reduce privileges as early as possible.
- Using multi-factor authentication (MFA)
Passwords are vulnerable to brute-force, dictionary, and phishing attacks. For critical systems and privileged accounts, strong or multi-factor authentication is essential. This includes technologies like PKI (public key infrastructure) certificate-based authentication, which adds another layer of identity verification.
- Using a demilitarized zone (DMZ) with intermediate systems for OT access
These "bastion" or "security gateway" systems are deployed in a DMZ to mediate access to OT environments. They allow network segmentation, enforce strong authentication, log activities, and inspect commands—thereby reducing lateral movement and supporting a defense-in-depth strategy.
- Conducting regular access rights audits
Without periodic reviews, users may accumulate excessive privileges. Regular audits ensure that each person only retains access necessary for their duties, helping to limit insider threats and meet compliance goals.
- Implementing network segmentation and a Zero Trust model
Separating IT and OT networks reduces attack surfaces and lateral movement. Use firewalls, access zones, and strict rules to allow only necessary communication. This supports both containment and resilience.
- Integrating physical security
OT systems are also vulnerable to physical attacks. Protecting access points with badges, biometrics, surveillance, restricted areas, and environmental sensors (fire, temperature, humidity, vibration) is key. Physical security is essential to full infrastructure resilience.
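The RBAC, default account, MFA and access audit recommendations above can be checked together once identities are centralized. The following Python is an added example, not code from CGI or from any IAM product; the role names, permission strings, default account names and account records are all constructed assumptions.

```python
# Added example: constructed role map and accounts, not taken from any product.
ROLE_PERMISSIONS = {
    "operator": {"hmi:view", "hmi:ack_alarm"},
    "maintenance": {"hmi:view", "plc:read_logic", "plc:download_logic"},
    "ot_admin": {"hmi:view", "plc:read_logic", "plc:download_logic", "accounts:manage"},
}
PRIVILEGED = {"plc:download_logic", "accounts:manage"}       # assumed to require MFA
DEFAULT_NAMES = {"admin", "administrator", "guest", "root"}  # assumed vendor defaults

def acct(name, roles, granted, mfa=False, enabled=True):
    """Build one account record as a centralized IAM export might list it."""
    return {"name": name, "roles": roles, "granted": set(granted),
            "mfa": mfa, "enabled": enabled}

ACCOUNTS = [  # constructed sample export
    acct("jdoe", ["operator"], ROLE_PERMISSIONS["operator"]),
    acct("asmith", ["operator"], ROLE_PERMISSIONS["operator"] | {"plc:download_logic"}),
    acct("mlee", ["maintenance"], ROLE_PERMISSIONS["maintenance"], mfa=True),
    acct("admin", ["ot_admin"], ROLE_PERMISSIONS["ot_admin"], mfa=True),
    acct("guest", [], {"hmi:view"}, enabled=False),
]

def audit(accounts, role_permissions=ROLE_PERMISSIONS):
    """Return (account, finding, detail) tuples for every enabled account."""
    findings = []
    for a in accounts:
        if not a["enabled"]:
            continue  # disabled accounts cannot be used to log in
        unknown = sorted(r for r in a["roles"] if r not in role_permissions)
        if unknown:
            findings.append((a["name"], "unknown_role", unknown))
        # Least privilege: anything granted beyond the union of role permissions is excess.
        allowed = set().union(*(role_permissions.get(r, set()) for r in a["roles"]))
        excess = sorted(a["granted"] - allowed)
        if excess:
            findings.append((a["name"], "excess_privilege", excess))
        risky = sorted(a["granted"] & PRIVILEGED)
        if risky and not a["mfa"]:
            findings.append((a["name"], "privileged_without_mfa", risky))
        if a["name"].lower() in DEFAULT_NAMES:
            findings.append((a["name"], "default_account_enabled", []))
    return findings

if __name__ == "__main__":
    for name, finding, detail in audit(ACCOUNTS):
        print(f"{name}: {finding} {detail}")
```

Run on a schedule against the IAM export, the findings list gives reviewers the accounts whose privileges have drifted from their role rather than the full account inventory.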
Conclusion
These recommendations are designed to bolster the resilience of industrial infrastructure against both cyber and physical threats, while maintaining operational continuity.
Securing access to OT environments is a strategic imperative. The risks are real, threats are evolving, and the impacts can be major.
Companies must act now to implement robust, adapted strategies. Contact our specialists for an in-depth analysis or support in securing your OT environments. CGI has the experience and expertise to support you effectively.