# When Uptime Is Non-Negotiable: Rethinking Zero Trust for OT Environments
Source: Linode Blog
For years, critical infrastructure operators have been forced to choose between uptime and robust cybersecurity protection.
Traditional controls, such as firewalls, either slow systems down or cannot be deployed at all in fragile OT environments. By integrating Akamai Guardicore Segmentation with NVIDIA BlueField DPUs, Zero Trust enforcement moves directly into the infrastructure itself, delivering hardware‑isolated, hardware‑accelerated, line‑rate protection for un‑agentable and mission‑critical systems without sacrificing performance.
## The systems that cannot fail
It is 2:17 AM in a regional power operations center. An engineer notices abnormal traffic between two supervisory systems that rarely communicate. Within seconds, a controller responsible for load balancing begins issuing unexpected commands.
Nothing crashes. Nothing explodes. But something is wrong.
In many OT environments, that moment determines whether the incident remains contained or cascades across substations, production lines, or water‑treatment processes.
This isn’t theoretical.
- Check Point Research reported that U.S. utilities experienced nearly a 70% increase in cyber threats in 2024 compared to the previous year.
- KnowBe4 observed a 30% rise in threats on critical national infrastructure during the same period.
- The U.S. Department of Homeland Security has warned that threats to energy, transportation, and other essential sectors are expected to intensify into 2025.
Leaders are not facing a distant possibility—they’re facing a sustained campaign.
And yet, many of the systems that matter most still rely on trust assumptions that were designed decades ago.
## Why traditional OT security models struggle
Operational technology environments were engineered for reliability and deterministic behavior, not for adaptive cyber defense. Many run legacy operating systems; some cannot be patched without recertification, and others cannot tolerate even small changes in latency.
Security teams know that lateral movement is how real damage occurs. Once an adversary gains initial access, the ability to pivot between systems determines the scope of impact.
In enterprise IT, agent‑based micro‑segmentation has become a powerful way to enforce least‑privilege access and contain that spread. When deployed correctly, it delivers granular visibility and high performance.
But OT introduces a different constraint:
- In some cases, installing an agent is not safe.
- In others, it is not allowed.
- In still others, it’s simply not possible.
That creates a dangerous gap. The systems that control physical processes are often protected at the perimeter while remaining broadly permissive internally.
Executives should pause here and ask themselves a simple question:
If an adversary gained a foothold inside your OT network tonight, how far could they move before something stopped them?
If the honest answer is “farther than I am comfortable with,” then the architecture needs to change.
## The regulatory and insurance pressure is real
Security in critical infrastructure is no longer just a technical discussion—it’s a board‑level and regulatory issue.
- United States: Utilities and other critical operators face increasing mandates around segmentation, monitoring, and incident response. Federal guidance and sector‑specific regulations are tightening expectations around resilience, not just detection.
- Cyber insurers: Underwriters are scrutinizing segmentation practices, access controls, and containment capabilities before issuing or renewing policies. Premiums now reflect not only whether an organization can detect an incident, but also whether it can limit blast radius.
Executives should be asking:
- Can we demonstrate that a compromised controller cannot laterally access high‑value systems?
- Can we prove that east‑west traffic is governed by least privilege?
- Can we show that enforcement survives even if a host is compromised?
If the answer to any of those is uncertain, it is not just a technical risk—it is a financial and regulatory exposure.
## Moving enforcement into the infrastructure
The integration of Akamai Guardicore Segmentation with NVIDIA BlueField DPUs reflects a different architectural mindset.
- Enforcement compute is off‑loaded to a hardware‑isolated Data Processing Unit (DPU) embedded in the data path.
- BlueField operates independently of the host OS and CPU.
- Policies are translated into hardware flow rules and enforced at line rate in silicon.
In this model:
- NVIDIA BlueField provides the real‑time telemetry and enforcement point at the infrastructure layer.
- Akamai Guardicore supplies centralized visibility, policy modeling, and policy management that governs how segmentation is defined and applied across the environment.
Telemetry is collected directly by BlueField without requiring any host‑based software, ensuring visibility with zero impact on fragile OT systems. That telemetry is then surfaced through Guardicore’s platform, where security teams can:
- Map application dependencies.
- Define least‑privilege policies.
- Manage segmentation consistently across both IT and OT domains.
If a server is compromised, the enforcement logic running on the DPU remains intact and continues to enforce policy regardless of the host‑level breach.
## Containment at Machine Speed
Modern adversaries automate reconnaissance and lateral movement. They do not wait for change windows. They do not respect operational sensitivities.
When segmentation enforcement happens in the data path, traffic is evaluated as it enters and exits each node. Unauthorized connections are blocked before they propagate. Compromised systems can be isolated in real time, limiting blast radius.
In architectures aligned with the Purdue Model, trust boundaries between enterprise systems, DMZ layers, supervisory controls, and process‑level devices can be reinforced **without modifying the equipment itself**.
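To make the least‑privilege, default‑deny model described above concrete, here is an added example (not code from Akamai, NVIDIA, or this article) that evaluates east‑west flows against an allow‑list keyed on Purdue‑style zones. The zones, addresses, ports, and rules are constructed assumptions; the point is that every verdict depends only on packet headers and the rule table, never on the host, which is what lets an in‑path enforcement point keep working after a host is compromised.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed Purdue-style zones; addresses are illustrative, not from the article.
ZONES = {
    "enterprise":  ip_network("10.0.0.0/16"),  # Levels 4-5: business IT
    "dmz":         ip_network("10.1.0.0/24"),  # Level 3.5: industrial DMZ
    "supervisory": ip_network("10.2.0.0/24"),  # Level 2: SCADA/HMI
    "control":     ip_network("10.3.0.0/24"),  # Level 1: PLCs/controllers
}

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_port: int
    proto: str = "tcp"

# Allow-list in the spirit of the policy the article describes: any flow not
# explicitly listed is denied, so east-west traffic is least-privilege by default.
ALLOW = (
    Rule("enterprise", "dmz", 443),       # business reads a DMZ historian
    Rule("dmz", "supervisory", 4840),     # DMZ historian pulls OPC UA from SCADA
    Rule("supervisory", "control", 502),  # HMI/SCADA talks Modbus/TCP to PLCs
)

def zone_of(ip):
    addr = ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), None)

def evaluate(flow):
    """Decide one flow (src_ip, dst_ip, dst_port, proto) -> (verdict, reason)."""
    # Only packet headers and the rule table are consulted, never the host:
    # that is the property that lets a DPU keep enforcing after a host compromise.
    src, dst, port, proto = flow
    sz, dz = zone_of(src), zone_of(dst)
    if sz is None or dz is None:
        return "deny", "unmapped endpoint"
    for r in ALLOW:
        if (r.src_zone, r.dst_zone, r.dst_port, r.proto) == (sz, dz, port, proto):
            return "allow", f"{sz}->{dz}/{proto}/{port}"
    return "deny", f"no rule for {sz}->{dz}/{proto}/{port}"

# Constructed flows, including the article's 2:17 AM case (two supervisory
# systems that never talk start talking) and a DMZ foothold reaching for a PLC.
SAMPLE_FLOWS = [
    ("10.0.5.20", "10.1.0.10", 443, "tcp"),   # enterprise -> dmz: allowed
    ("10.1.0.10", "10.2.0.7", 4840, "tcp"),   # dmz -> supervisory: allowed
    ("10.2.0.7", "10.2.0.9", 22, "tcp"),      # supervisory -> supervisory: no rule
    ("10.1.0.10", "10.3.0.15", 502, "tcp"),   # dmz -> control skips a level: denied
]

def decisions(flows=SAMPLE_FLOWS):
    return [evaluate(f)[0] for f in flows]
```

The two denied flows are exactly the lateral moves the article is concerned with: unexpected peer‑to‑peer traffic inside a level, and a hop that bypasses the trust boundary between levels.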
This shifts the conversation from threat detection after the fact to **containment by design**.
**Leaders should be asking:**
- Are we architected to detect compromise, or are we architected to survive it?
*Those are not the same thing.*
---
## The Next Generation of Critical Infrastructure Security
The long‑standing belief that stronger security inevitably slows critical systems has shaped decisions for decades. That belief no longer holds.
Security does not need to compete with uptime. It can be embedded into the infrastructure itself.
As OT and IT converge, and as AI‑driven workloads accelerate innovation, Zero Trust security must evolve beyond software overlays. It must be:
- **Hardware‑aware**
- **Resilient to host compromise**
- **Capable of enforcing least‑privilege at network speed**
The organizations that lead in the next decade—including those building AI infrastructure and AI factories—will not be the ones that simply deploy more monitoring tools. They will be the ones that redesign their architecture to contain failure by default.
The real question for executive leaders is not **whether** threats will continue to escalate—they will.
The real question is:
> **When the inevitable breach occurs inside your OT environment, will your architecture absorb the impact, or will it amplify it?**
The answer will not be found in policy documents. It will be found in the infrastructure decisions you make today.
---
### About the Author

**Clint Huffaker** started his career on the customer side, managing enterprise networking and security before moving into presales and architecture. Those early lessons gave him a deep appreciation for what customers do every day—balance innovation, risk, and business pressure. Today, as Director of Product Marketing for Security at Akamai, Clint leads initiatives around Akamai Guardicore Segmentation and Zero Trust.