Accelerating your Zero Trust journey in manufacturing

Issue 7 2022 Infrastructure, Information Security, Industrial (Industry), IoT & Automation


Francois van Hirtum.

Many manufacturing operations are still struggling with ageing IT/OT infrastructure that can be difficult to secure, as well as a poorly integrated set of security point products that does not align with the strategic approach expected by their executive management.

Digital transformation is accelerating within the manufacturing space with the continued modernisation and interconnectedness of the environment, the development of the hybrid workforce, and increased pressure to maintain availability in light of more sophisticated cyber threats. Industry in general can be said to have reached a tipping point, with many users and apps now residing outside of the traditional perimeter.

Given this combination of tremendous change coupled with the need for availability and operational resilience, information security teams working within manufacturing require a modern approach to security that fits these significant shifts.

The new reality

A hybrid workforce is the new reality; businesses must provide access from anywhere and deliver an optimal user experience. The days of managing implied trust by relying on a static, on-premise workforce are gone. At the same time, application delivery has tilted firmly in favour of the cloud, public or private, and has enabled development teams to deliver at an unprecedented pace.

However, new architectures, delivery and consumption models create more instances of implied trust, and an expanding catalogue of apps creates a broader attack surface, while implied trust granted to microservices yields new opportunities for attackers to move laterally. Moreover, infrastructure can be anywhere, and everything is increasingly interconnected, making the elimination of implicit trust even more critical. You can no longer simply trust IT equipment such as printers or vendor-supplied hardware and software, because IT and workplace infrastructure are increasingly connected to Internet-facing apps that command and orchestrate them centrally.

How do you define risk?

The important thing to understand is that anything Internet-facing is a risk to your organisation. Physical locations are increasingly run by connected things, including IoT devices, which typically have more access than they need. Traditional IT patching and maintenance strategies do not apply here – cyber adversaries know this is ripe for exploitation.

The biggest challenge to adopting a Zero Trust architecture has not been a lack of specific security tools, but a simple lack of resources (talent, budget, interoperability, time, etc.). Running the most current security controls against a moving target – a dynamic threat landscape – has historically been challenging for the manufacturing industry.

A comprehensive Zero Trust approach can be implemented for businesses operating in the sector, but it must be augmented by the right set of security capabilities that enable consistent controls across IT and OT environments.

Instead of testing, running and fixing multiple non-integrated security controls across all of your security domains, such as malware or DLP (for protecting your intellectual property or trade secrets), you can rely on one single control which you can deploy across your organisation.

Security by design becomes a reality as deployment, operations and time-to-market costs are decreased. Moreover, leveraging the network effect of telemetry from the entire organisation, and not just from one specific area, means the time to respond to and prevent cyber threats is lowered, leading to more resilient cybersecurity.

To summarise, Zero Trust is a strategic approach to cybersecurity that secures an organisation by eliminating implicit trust and continuously validating every stage of digital interaction. It is a modern, holistic approach to security that enables manufacturing operations to meet current challenges in a proactive manner for higher levels of security, reduced complexity, and increased functional resilience that minimises downtime and disruption to operations.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Increase in cyberattacks on the manufacturing sector
Security Services & Risk Management News & Events Industrial (Industry)
According to a new Kaspersky ICS CERT report, in the first quarter of 2026, the percentage of industrial control systems (ICS) on which malicious objects were blocked reached 19,6% globally.

Read more...
NEC XON detects and stops ransomware attack
NEC XON Information Security IoT & Automation
Ransomware attacks rarely begin with chaos. More often, they start quietly, with probing, mapping, and patient reconnaissance inside a target’s network. That was the situation facing a global recruitment firm when cybercriminals attempted to navigate its systems.

Read more...
Sophos establishes South African legal entity to strengthen local operations
News & Events Information Security
Global cybersecurity company, Sophos, has announced the formation of its local legal entity, which will support local invoicing, partner enablement, compliance requirements and expanded regional investment.

Read more...
From drone market growth to application-level commercialisation
IoT & Automation Infrastructure
After years of pilot projects and technology validation, the question for the market is shifting from whether drones can fly safely and collect data, to where they can deliver repeatable operational value at scale.

Read more...
Cybersecurity in a digitally connected security industry
SA Technologies Information Security IoT & Automation
As more organisations move towards digital visitor management, cloud-based access control, mobile applications, biometric verification, and connected security platforms, cybersecurity must be viewed as part of the full security environment.

Read more...
AI-enabled NVR for Milestone XProtect
Surveillance Infrastructure Products & Solutions
As surveillance environments continue to grow in scale and complexity, organisations need infrastructure that is easy to deploy, simple to manage, and ready for AI-driven workloads.

Read more...
71% of organisations suffered an identity breach
News & Events Information Security
The State of Identity Security 2026 report from Sophos finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.

Read more...
Global security in 2026
Editor's Choice News & Events Security Services & Risk Management Industrial (Industry) Mining (Industry)
The World Security Report 2026 states: “In a world of increasing volatility, physical security has evolved. It is no longer just a defensive measure; it is a critical driver of corporate value.”

Read more...
Who is to blame for autonomous mistakes?
Editor's Choice Security Services & Risk Management Industrial (Industry) Mining (Industry)
Most supply agreements for AI-integrated equipment still closely resemble plant hire contracts from ten years ago: bilateral, human-focused, and silent on who bears the risk when a machine makes a decision on its own.

Read more...
Industry perspective on industrial cybersecurity
Technews Publishing News & Events Infrastructure Industrial (Industry)
The Industrial Security Harmonization Group has released a joint industry perspective highlighting a critical truth in industrial cybersecurity: secure communication is not determined by protocols alone, but by how they are deployed and managed in real-world environments.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.