In cybersecurity, few environments are as mission-critical—and as misunderstood—as operational technology (OT).
Unlike traditional IT, which is built for centralization, cloud integration and continuous monitoring, OT is defined by air-gapped networks, legacy software and physical consequences. OT engineers aren’t focused on IAM workflows or federated identities. Their priorities are uptime, safety and compliance with engineering standards that often predate the cloud.
That siloed mindset, while understandable, is becoming increasingly risky.
As critical infrastructure becomes more digital, bridging the IT-OT divide has become one of cybersecurity’s most urgent—and overlooked—priorities.
When Identity Is Off The Grid
While IT teams have matured their identity governance practices—deploying automated provisioning, SSO and conditional access—OT environments remain fragmented. Each site or facility often runs its own isolated identity domain, with local directories, standalone user accounts and access policies maintained by engineers who don’t report to IT or security.
Consider a typical OT setup: a company with dozens of geographically dispersed plants, each with its own network and Active Directory instance. Credentials are created locally. Systems authenticate users only within that environment. If someone logs into a terminal at Site A, it may not matter if they were terminated from the corporate HR system a week ago—Site A likely doesn’t know.
This disconnection between corporate identity systems and on-the-ground reality creates one of the most persistent and underrecognized access risks in OT: local identities that outlast their intended use.
These aren’t theoretical problems. They’re systemic and persistent and often go unnoticed—until they’re exploited.
Why OT Teams Push Back (And Why They’re Not Wrong)
Security teams often propose tighter integration between IT and OT systems. OT engineers often resist: “Don’t touch anything. We’re air-gapped for a reason.”
This isn’t fear of change. It’s adherence to a critical safety protocol.
Introducing new data or configurations into an OT environment—whether it’s a patch, an IAM sync or a policy update—risks interfering with sensitive control systems. The result could be downtime, equipment failure or even physical harm.
So, OT teams do what makes sense in their world: They isolate. At best, they may allow data to be passed out, but rarely in. In many environments, the only way to extract identity data is to physically walk it out—on a USB stick, if necessary.
And that’s the paradox: OT systems are air-gapped for safety, but the people using them are not. They shift roles, join projects and leave companies. If their identity data in OT isn’t updated accordingly, you end up with active access and no accountability.
A New Approach: Digital Twins And Knowledge Graphs
Traditional IAM tools aren’t built for OT. They depend on live integrations, API access and real-time syncing—all nonstarters in these environments. What’s needed is a model that delivers insight without direct system access.
This is where digital twins and knowledge graphs come into play.
Digital Twins: Build The Model, But Don’t Touch The System
A digital twin is a virtual model of your identity ecosystem. It consolidates user, system and access data without modifying the live environment.
In OT, this means taking snapshots of local identities, loading them into the twin and analyzing them in a safe, isolated environment. You get the visibility you need, without the risk.
Knowledge Graphs: Connect The Dots You Didn’t Know Existed
A knowledge graph maps relationships between users, systems, roles and policies. It highlights conflicting roles, orphaned service accounts and mismatched access paths.
In OT, this approach helps you achieve broader coverage and better performance by enabling you to:
- Detect redundant or risky access
- Map local identities to the broader organization
- Spot discrepancies between HR records and OT access points
- Prioritize remediation without needing to standardize every system
Together, digital twins and knowledge graphs bring clarity to complexity, without forcing convergence.
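The snapshot-then-analyze workflow above, as an added illustration rather than code from the article or any vendor: per-site local directory exports are loaded into an isolated model, linked to HR records in a small relationship graph, and walked for terminated users with live access, orphaned accounts and conflicting role combinations. The HR feed, site exports, role names and the separation-of-duties rule are all constructed for the example.

```python
from collections import defaultdict

HR = {  # constructed HR feed: the corporate source of truth for people
    "E100": {"name": "a.ruiz", "status": "active"},
    "E101": {"name": "j.chen", "status": "terminated"},
}

# Constructed per-site local directory exports (snapshots, never live links).
SITE_EXPORTS = [
    {"site": "PlantA", "user": "a.ruiz", "hr_id": "E100", "enabled": True,
     "roles": ["Operator"]},
    {"site": "PlantA", "user": "j.chen", "hr_id": "E101", "enabled": True,
     "roles": ["Engineer"]},
    {"site": "PlantB", "user": "svc_hist", "hr_id": None, "enabled": True,
     "roles": ["Historian"]},
    {"site": "PlantB", "user": "a.ruiz", "hr_id": "E100", "enabled": True,
     "roles": ["Operator", "SafetyApprover"]},
    {"site": "PlantB", "user": "old_tmp", "hr_id": "E101", "enabled": False,
     "roles": ["Engineer"]},
]

TOXIC_PAIRS = [{"Operator", "SafetyApprover"}]  # constructed SoD rule

def build_graph(exports):
    """Knowledge graph as adjacency: node -> set of (relation, target)."""
    g = defaultdict(set)
    for a in exports:
        node = f"acct:{a['site']}/{a['user']}"
        g[node].add(("at_site", f"site:{a['site']}"))
        g[node].add(("state", "enabled" if a["enabled"] else "disabled"))
        for role in a["roles"]:
            g[node].add(("has_role", f"role:{role}"))
        if a["hr_id"]:  # link the local account to its corporate person
            g[node].add(("owned_by", f"person:{a['hr_id']}"))
    return g

def analyze(graph, hr, toxic_pairs):
    """Return sorted (finding, account) pairs found by walking the graph."""
    out = []
    for node, edges in graph.items():
        roles = {t[5:] for r, t in edges if r == "has_role"}
        owners = [t[7:] for r, t in edges if r == "owned_by"]
        live = ("state", "enabled") in edges
        if not owners:
            out.append(("orphaned", node))  # nobody in HR is accountable
        if live and any(hr.get(o, {}).get("status") == "terminated" for o in owners):
            out.append(("terminated_still_active", node))
        if any(pair <= roles for pair in toxic_pairs):
            out.append(("toxic_role_combo", node))
    return sorted(out)
```

Note that the disabled `old_tmp` account owned by a terminated person is deliberately not reported, so the findings list stays focused on access that is actually usable today.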
The Leadership Imperative: Visibility Without Disruption
For CISOs and CIOs, this isn’t just a technical challenge—it’s a leadership imperative.
In boardrooms and security committees, the question has shifted from “Are we compliant?” to “Can we prove we’re secure—right now?”
That proof depends on visibility. And in the OT world, visibility has long been the missing piece.
By modeling identity environments without altering them, security leaders can uncover risk and align systems for better compliance and performance:
- Surface hidden access risks
- Align physical and digital access
- Demonstrate compliance to auditors and regulators
- Enable OT teams to act on their own terms
Just as important, this approach respects OT’s operational boundaries. You’re not forcing system changes. You’re enabling insight and giving ownership so teams act with confidence.
It’s Not About Control—It’s About Collaboration
The future of OT identity security isn’t about forcing integration or dismantling air gaps. It’s about building shared understanding—so when someone leaves the company, every system knows. When a role changes, access adjusts. And when asked “Who has access, and why?” security leaders can answer with confidence and evidence.
The solution isn’t more control. It’s better modeling and mapping—revealing what already exists so organizations can fix gaps without disrupting what works.
Because in OT, what you don’t touch can still hurt you. But what you can see, you can secure.