Zero Trust Network Access Solutions in Operational Technology Environments
New Approaches of Remote Access in Industrial Environments
Copyright (c) 2026 Tóth Ádám
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Abstract
The thesis examines the cybersecurity challenges of remote access to industrial systems (OT), with particular emphasis on the vulnerabilities of VPN-based solutions and the potential implementation of zero trust network access (ZTNA) technology built on zero trust architecture. It compares the operation of VPN and ZTNA, highlighting advantages and limitations such as the extent to which the principle of least privilege is enforced, identity-based access management, and simplified policy control. The study also explores the possibilities for integrating ZTNA into OT environments, taking into account the Purdue model and addressing architectural feasibility as well as other implementation challenges. The findings indicate that while ZTNA can enhance OT cybersecurity, its successful deployment depends on proper infrastructure preparation, gradual rollout, and careful consideration of the cost–benefit ratio.
Keywords:
References
ALEXANDER, Otis – BELISLE, Misha – STEELE, Jacob (2020): MITRE ATT&CK® for In-dustrial Control Systems: Design and Philosophy. Bedford, MA, USA: The MITRE Corpo-ration, 21–85.
ANDERSSON, Niklas (2023): The Effect of the IT/OT Gap on the NIS 2 Implementation. Szakdolgozat. Stockholm: Stockholm University Department of Computer and Systems Sci-ences. Online: https://su.diva-portal.org/smash/record.jsf?pid=diva2%3A1784461&dswid=5127
CrowdStrike 2026. Global Threat Report. Online: https://www.crowdstrike.com/en-us/global-threat-report/
Dragos (2025): 2025 OT. Cybersecurity Action Guide. Online: https://hub.dragos.com/hubfs/312-Year-in-Review/2025/Dragos_2025_OT_Cybersecurity_Global_Action_Guide.pdf?hsLang=en
Fortinet (2025): ZTNA vs VPN – What's The Better Cybersecurity Solution? Online: https://www.fortinet.com/resources/cyberglossary/ztna-vs-vpn
FRÉSZ Ferenc (2025): Milliárdnyi kiszivárgott hitelesítő adat. Online: https://substack.com/@ferencfresz/p-166319450
KOCSIS Tamás (2025): Ipari (OT) kiberbiztonsági szakember képzés. Óbudai Egyetem Neumann János Informatikai Kar, prezentáció.
LEE, Robert M. – CONWAY, Tim (2022): The Five ICS Cybersecurity Critical Controls. SANS. Online: https://sansorg.egnyte.com/dl/R0r9qGEhEe
LOBO, Ruben (2023): Zero Trust Network Access (ZTNA) – Revolutionizing Remote Ac-cess Security Across OT Environments. Industrial Cyber, 2023. december 3. Online: https://industrialcyber.co/zero-trust/zero-trust-network-access-ztna-revolutionizing-remote-access-security-across-ot-environments/
MAVROUDIS, Vasilios (2024): Zero-Trust Network Access (ZTNA). Online: https://doi.org/10.48550/arXiv.2410.20611
MITRE Corp. (2025): ICS Matrix. Online: https://attack.mitre.org/matrices/ics/
SCOTT, Rose et al. (2020): Zero Trust Architecture. NIST Special Publication 800-207. On-line: https://doi.org/10.6028/NIST.SP.800-207
The Claroty Team (2023): ICS Security: The Purdue Model. Online: https://claroty.com/blog/ics-security-the-purdue-model
ZAYTSEV, Alexey (2023): OT Remote Access: Can You Trust Your Technician’s Laptop? Cisco Blogs, 2023. november 9. Online: https://blogs.cisco.com/industrial-iot/ot-remote-access-can-you-trust-your-technicians-laptop