What CISOs Need To Know About Identity Governance Across OT And IT
As the boundaries between operational technology (OT) and information technology (IT) dissolve, identity is becoming the connective tissue and the point of greatest vulnerability.
Industrial and critical infrastructure organizations are digitizing rapidly. From connected sensors to hybrid cloud platforms, the convergence of OT and IT brings undeniable operational advantages. But for security leaders, it introduces a complex, fragmented identity landscape that's difficult to see, govern and secure.
For today's CISOs, the question is no longer whether OT and IT should be integrated. It's how to manage access and enforce identity governance in environments that were never designed to work together.
The Identity Challenge At The Heart Of OT/IT Convergence
Traditional identity and access management (IAM) systems were built for IT. They often assume cloud-ready environments, API access and a single source of truth. OT, on the other hand, remains a world of legacy systems, air-gapped networks, vendor-owned software and local admin accounts.
This disjointed architecture leads to significant governance challenges:
• No unified visibility across all identities (human and machine)
• Dormant or orphaned accounts in OT systems remain active
• Excessive privileges and toxic role combinations go unnoticed
• Manual access reviews are unreliable and out of date by the time they're completed
• Audits become operational burdens due to a lack of centralized evidence
For CISOs, this identity debt is not theoretical. It's a real risk: operational, reputational and regulatory.
Why The Old Playbook Doesn't Work
Many organizations attempt to extend their IT IAM tools into OT. However, these platforms often require full integrations, modern protocols and constant connectivity—things OT environments can't always provide.
And even when integration is possible, it's invasive. Retrofitting centralized IAM into OT networks may require architecture changes, incur downtime or expose systems to unnecessary risk.
Security leaders don't just need to control access. They need to fully understand it, continuously and contextually, without adding complexity or breaking mission-critical operations.
A Strategic Solution: Digital Twins Plus Knowledge Graphs
To bridge the identity governance gap, CISOs are turning to more adaptive, data-driven models, specifically digital twins and knowledge graphs.
A digital twin creates a virtual representation of your identity ecosystem, spanning both OT and IT systems. It maps every user, account, permission and role, providing a dynamic view of who has access to what and why.
Unlike traditional IAM, this model doesn't require bidirectional integration. It works with disconnected or air-gapped systems, making it especially suited to high-security OT environments.
Benefits for CISOs:
• See the full access landscape across all domains.
• Monitor changes as they happen.
• Continuously validate least privilege and policy compliance.
• Gain board-level visibility into identity-related risk.
Where digital twins give you the map, knowledge graphs show the structure. They model the relationships between people, systems, roles and policies, revealing patterns, risks and dependencies.
With knowledge graphs, CISOs can:
• Identify cross-system privilege creep.
• Detect conflicting roles before they become vulnerabilities.
• Tie service accounts back to owners and justify permissions.
• Analyze the downstream impact of access changes.
Together, digital twins and knowledge graphs form a risk intelligence layer for identity, delivering insights that most IAM tools miss.
What CISOs Should Do Next: Five Strategic Steps
To mature identity and access governance across converged OT and IT environments, CISOs should prioritize these actions:
1. Inventory the full identity landscape. Start with a complete audit of all identities: employees, contractors, third parties, service accounts and machine users. Map where access is granted and how it's governed, especially in non-centralized OT systems.
2. Build a unified identity model. Leverage digital twin technology to consolidate and continuously update your access map. This creates the foundation for scalable governance and auditability.
3. Uncover hidden risk through relationships. Use knowledge graphs to reveal toxic access paths, role conflicts and overprovisioned accounts. Context is key. Understanding how access is used and why is as important as knowing it exists.
4. Automate reviews and compliance checks. Manual reviews are slow, expensive and outdated before they're completed. Shift to ongoing validation of access rights and policy adherence. Make audits self-serve and always-on.
5. Enforce least privilege with confidence. Privilege management only works when it's grounded in accurate, current data. Use identity modeling and graph-based insights to enforce role-based access and eliminate unnecessary privileges, especially for sensitive OT systems.
Why This Matters: Identity As A Modern Threat Vector
Attackers no longer break in. They log in. Whether it's compromised credentials, privilege escalation or insider misuse, identity is now the attack surface of choice.
And in OT/IT converged environments, the stakes are even higher. A breach in a misconfigured identity could mean more than just data loss. It could halt production, disrupt energy grids or impact public safety.
For CISOs, this is not just a technology challenge; it's a boardroom imperative. Visibility, control and auditability of access across all environments must be provable, scalable and immediate.
Identity Governance Without Borders
The convergence of OT and IT is inevitable. Yet fragmented identity governance doesn't have to be. By embracing modern modeling technologies—digital twins for continuous visibility and knowledge graphs for contextual intelligence—CISOs can gain the insight and oversight they need.
This isn't about replacing existing tools. It's about complementing them with intelligence that closes gaps, reduces risk and transforms compliance from a burden into a strength.
In a world where identity is the new perimeter, understanding access is not optional. It's foundational.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
8 hours ago
- Yahoo
A Look Back at Professional Tools and Equipment Stocks' Q2 Earnings: Kennametal (NYSE:KMT) Vs The Rest Of The Pack
Wrapping up Q2 earnings, we look at the numbers and key takeaways for the professional tools and equipment stocks, including Kennametal (NYSE:KMT) and its peers. Automation that increases efficiency and connected equipment that collects analyzable data have been trending, creating new demand. Some professional tools and equipment companies also provide software to accompany measurement or automated machinery, adding a stream of recurring revenues to their businesses. On the other hand, professional tools and equipment companies are at the whim of economic cycles. Consumer spending and interest rates, for example, can greatly impact the industrial production that drives demand for these companies' offerings. The 9 professional tools and equipment stocks we track reported a satisfactory Q2. As a group, revenues beat analysts' consensus estimates by 1.7% while next quarter's revenue guidance was in line. Amidst this news, share prices of the companies have had a rough stretch. On average, they are down 5.6% since the latest earnings results. Weakest Q2: Kennametal (NYSE:KMT) Involved in manufacturing hard tips of anti-tank projectiles in World War II, Kennametal (NYSE:KMT) is a provider of industrial materials and tools for various sectors. Kennametal reported revenues of $516.4 million, down 4.9% year on year. This print fell short of analysts' expectations by 1.9%. Overall, it was a disappointing quarter for the company with full-year EPS guidance missing analysts' expectations significantly and a significant miss of analysts' adjusted operating income estimates. Kennametal delivered the weakest performance against analyst estimates and weakest full-year guidance update of the whole group. Unsurprisingly, the stock is down 19.4% since reporting and currently trades at $20.24. Read our full report on Kennametal here, it's free. Best Q2: Lincoln Electric (NASDAQ:LECO) Headquartered in Ohio, Lincoln Electric (NASDAQ:LECO) manufactures and sells welding equipment for various industries. Lincoln Electric reported revenues of $1.09 billion, up 6.6% year on year, outperforming analysts' expectations by 5.1%. The business had a stunning quarter with a solid beat of analysts' organic revenue estimates and a solid beat of analysts' EBITDA estimates. Lincoln Electric scored the fastest revenue growth among its peers. The market seems happy with the results as the stock is up 7.4% since reporting. It currently trades at $240.07. Is now the time to buy Lincoln Electric? Access our full analysis of the earnings results here, it's free. Hyster-Yale Materials Handling (NYSE:HY) Playing a significant role in the development of the hydraulic lift truck, Hyster-Yale (NYSE:HY) designs, manufactures, and sells materials handling equipment to various sectors. Hyster-Yale Materials Handling reported revenues of $956.6 million, down 18.1% year on year, exceeding analysts' expectations by 2.1%. Still, it was a softer quarter as it posted a significant miss of analysts' EBITDA estimates and a significant miss of analysts' EPS estimates. Hyster-Yale Materials Handling delivered the slowest revenue growth in the group. As expected, the stock is down 14.7% since the results and currently trades at $36.10. Read our full analysis of Hyster-Yale Materials Handling's results here. Hillman (NASDAQ:HLMN) Established when Max Hillman purchased a franchise operation, Hillman (NASDAQ:HLMN) designs, manufactures, and sells industrial equipment and systems for various sectors. Hillman reported revenues of $402.8 million, up 6.2% year on year. This number surpassed analysts' expectations by 2.6%. Overall, it was an exceptional quarter as it also put up a solid beat of analysts' EBITDA estimates and an impressive beat of analysts' adjusted operating income estimates. Hillman achieved the highest full-year guidance raise among its peers. The stock is up 20.9% since reporting and currently trades at $9.85. Read our full, actionable report on Hillman here, it's free. Snap-on (NYSE:SNA) Founded in 1920, Snap-on (NYSE:SNA) is a global provider of tools, equipment, and diagnostics for various industries such as vehicle repair, aerospace, and the military. Snap-on reported revenues of $1.28 billion, flat year on year. This print topped analysts' expectations by 2.1%. It was a strong quarter as it also produced a solid beat of analysts' organic revenue estimates and a narrow beat of analysts' adjusted operating income estimates. The stock is up 2.7% since reporting and currently trades at $321.89. Read our full, actionable report on Snap-on here, it's free. Market Update Thanks to the Fed's series of rate hikes in 2022 and 2023, inflation has cooled significantly from its post-pandemic highs, drawing closer to the 2% goal. This disinflation has occurred without severely impacting economic growth, suggesting the success of a soft landing. The stock market thrived in 2024, spurred by recent rate cuts (0.5% in September and 0.25% in November), and a notable surge followed Donald Trump's presidential election win in November, propelling indices to historic highs. Nonetheless, the outlook for 2025 remains clouded by potential trade policy changes and corporate tax discussions, which could impact business confidence and growth. The path forward holds both optimism and caution as new policies take shape. Want to invest in winners with rock-solid fundamentals? Check out our Top 6 Stocks and add them to your watchlist. These companies are poised for growth regardless of the political or macroeconomic climate. StockStory is growing and hiring equity analyst and marketing roles. Are you a 0 to 1 builder passionate about the markets and AI? See the open roles here.
Yahoo
a day ago
- Yahoo
ATS to Participate in the Raymond James Industrial Showcase
CAMBRIDGE, Ontario, August 08, 2025--(BUSINESS WIRE)--ATS Corporation (TSX: ATS) (NYSE: ATS) ("ATS" or the "Company") today announced that Ryan McLeod, Interim Chief Executive Officer, and Anne Cybulski, Interim Chief Financial Officer, will participate in the virtual Raymond James Industrial Showcase on August 13, 2025. Management will host institutional investor meetings at the Showcase, which can be arranged by contacting your Raymond James representative or akapur2@ About ATS Corporation ATS Corporation is an industry-leading automation solutions provider to many of the world's most successful companies. ATS uses its extensive knowledge base and global capabilities in custom automation, repeat automation, automation products and value-added solutions including pre-automation and after-sales services, to address the sophisticated manufacturing automation systems and service needs of multinational customers in markets such as life sciences, transportation, food & beverage, consumer products, and energy. Founded in 1978, ATS employs approximately 7,500 people at more than 65 manufacturing facilities and over 85 offices in North America, Europe, Asia and Oceania. The Company's common shares are traded on the Toronto Stock Exchange ("TSX") and the New York Stock Exchange ("NYSE") under the symbol ATS. Visit the Company's website at View source version on Contacts For more information, contact: Arjun KapurInvestor Relations AssociateATS Corporation730 Fountain Street NorthCambridge, ON, N3H 4R7(519) 653-6500akapur2@ For general media inquiries, contact: Matthew RobinsonDirector, Corporate Affairs & CommunicationATS Corporation730 Fountain Street NorthCambridge, ON, N3H 4R7(519) 653-6500mrobinson@ Sign in to access your portfolio
Yahoo
a day ago
- Yahoo
Prologis Stock: Analyst Estimates & Ratings
Prologis, Inc. (PLD) is a leading real estate investment trust (REIT) headquartered in San Francisco, California, specializing in industrial and logistics real estate. Its market cap hovers around $98.6 billion, reflecting its status as one of the largest industrial REITs globally. Founded in 1983 and later formed through a landmark merger between AMB Property Corporation and ProLogis in 2011, the company owns and operates more than 1.3 billion square feet of logistics facilities across 20 countries, serving major tenants in the business‑to‑business and retail/online fulfillment sectors. More News from Barchart Cathie Wood Is Buying Shares of This Little-Known Ethereum Treasury Company. Should You? Dear Ford Stock Fans, Mark Your Calendar for August 11 Robinhood Stock Seemingly Can't Be Stopped in 2025. Is It Too Late to Buy HOOD Here? Markets move fast. Keep up by reading our FREE midday Barchart Brief newsletter for exclusive charts, analysis, and headlines. Shares of Prologis have returned just 0.6% on a year‑to‑date (YTD) basis, while remaining significantly below its 52‑week high of $132.57. Over the past 52 weeks, the stock declined 11.5%. In contrast, the broader S&P 500 Index ($SPX) has gained 7.8% YTD, while the past year returns stand at 21.9%. Narrowing the focus, the Real Estate Select Sector SPDR ETF (XLRE) rallied by 2.3% YTD and rose marginally over the past 52 weeks, also outpacing PLD stock. Several factors have shaped Prologis' performance. On the positive side, the company continues to benefit from strong leasing demand in infill logistics markets. Moreover, trade‑policy shifts, especially expectations of a U.S.-China trade war, are spurring onshoring and warehousing demand. However, heightened U.S. warehouse vacancy and rate‑sensitive sector pressures, including rising interest expenses, have weighed on sentiment. For the current fiscal year, ending in December 2025, analysts expect Prologis to report EPS growth of 3.8% YoY to $5.77, on a diluted basis. The company has a stellar history of surpassing consensus EPS estimates. It topped consensus estimates in each of the last four quarters. Out of the 24 analysts covering PLD stock, the consensus rating is a 'Moderate Buy.' That's based on 12 'Strong Buys,' two 'Moderate Buys,' eight 'Hold' ratings, and two 'Strong Sells.' The current configuration has remained consistent over the past few months. Citi has maintained its 'Buy' rating on PLD, but trimmed the price target from $150 to $140, reflecting heightened caution amid unresolved trade‑policy risks. The mean price target of $119.30 represents a premium of 12.2% to PLD's current price, while the Street-high price target of $148 suggests an upside potential of 39.2%. On the date of publication, Sristi Jayaswal did not have (either directly or indirectly) positions in any of the securities mentioned in this article. All information and data in this article is solely for informational purposes. This article was originally published on
