Zero trust security principles work well in enterprise IT but fail in IoT and OT environments due to fundamental model mismatches. Three core problems undermine zero trust in these environments: incomplete device visibility, networks that are functionally flat despite appearing segmented, and implicit durable trust relationships baked into device-controller interactions. Attacks in OT environments propagate through shared controllers, inherited firmware, and update mechanisms rather than through identity failures or segmentation bypasses. The Unified Linkage Model (ULM) is proposed as a complementary framework that maps functional dependencies, adjacency, inheritance, and trust propagation to expose how compromise actually spreads. Security leaders are advised to supplement zero trust with trust mapping, protect management planes and update mechanisms as structural amplifiers, and reassess vendor risk based on how much trust suppliers inherit and propagate once integrated.
Sort: