Securing remote access in the age of industrial connectivity

ISJ hears exclusively from Almog Apirion, CEO and Co-Founder of Cyolo about how Secure Remote Access is redefining protection for industrial and critical infrastructure in the connected, cyber-physical world.

In the past, industrial and critical infrastructure facilities relied on strong physical defences like locks, alarms and security guards to protect the valuable assets inside.

But as connectivity between operational technology (OT) and digital infrastructure rises, the lines separating physical and digital security are fading.

Information technology (IT) networks now extend into previously isolated OT environments, creating new opportunities to improve efficiency and productivity – as well as serious new security challenges.

At the same time, the growth of remote access makes work easier, especially for sites that are physically difficult to reach.

However, if they are not carefully monitored and secured, these access points can become doorways for attackers.

Fortunately, new innovations in Secure Remote Access (SRA) are emerging to help close this gap. These tools bolster existing physical security protocols by ensuring that only authorised personnel can remotely access a company’s physical assets.

As industrial environments grow ever more connected, SRA will prove a crucial complement to physical security measures.

Old machines, new risks

Even in our digital age, many industrial facilities still depend heavily on legacy systems to keep operations running.

These systems were not designed for the current cyber-physical world and often cannot accommodate modern security protections.

When these machines are connected to IT infrastructure or the internet, they become highly vulnerable to cyber-attacks.

An additional challenge facing industrial enterprises is reliance on external vendors and original equipment manufacturers (OEMs).

These third-party partners perform key tasks and need remote access to maintain or repair critical systems.

However, if it is not properly secured, third-party access also creates more entry points for bad actors.

Cyber-attackers can now break into networks without physically breaking into the building. In this new reality, implementing the right secure remote access strategy becomes just as important as the locks and alarms on physical doors.

AI data centers: The new critical infrastructure

AI data centers form the backbone of the digital world and are quickly becoming just as vital to modern life as power grids, manufacturing plants or transportation hubs.

As with all critical infrastructure, the importance of AI data centers also makes them a high-value target.

Public perception of AI risk often focuses on biased models, deepfakes or misinformation, but the true foundation of AI is the physical infrastructure that powers it: AI data centers, which are under constant stress and attack.

Without resilient, secure data-hosting facilities, the AI revolution will be unable to scale.

Consider these unique challenges:

• Overheating risk: GPU racks generate five to ten times more heat than regular servers. Cooling failures can spiral into crises in minutes
• Remote maintenance: Strict security and access rules mean maintenance activities must be done remotely
• Complex systems: AI campuses rely on power substations, advanced HVAC and water cooling loops. Any disruption to just one of these systems can shut down operations and trigger a chain reaction of consequences

If AI data centers fail, the impact will be felt across multiple areas, potentially including:

• Communication networks
• Transportation systems
• Basic daily services

Keeping them secure can mean the difference between stability and chaos.

Building stronger SRA for a cyber-physical world

To protect AI data centers and other critical infrastructure, organisations need to go beyond traditional physical security.

They must also apply cybersecurity measures and secure access approaches designed specifically for OT.

This will help bridge the gap between the physical and digital domains and ensure that remote access is just as secure, safe and reliable as being on-site.

When evaluating an SRA solution, look for these key capabilities:

1. Built for OT: Cyber-physical systems such as HVAC and cooling loops need security solutions that can address both their physical and digital components
2. Adherence to zero trust principles: No one – not even employees or long-time vendors – should be automatically trusted. Every user and device must be verified before accessing critical systems
3. Continuous visibility and control: Securing the initial point of access isn’t enough as organisations must be able to monitor user activity throughout each connection. This way, suspicious behaviour can be spotted and stopped in real time

SRA solutions should also align with regional and industry-specific compliance mandates, such as:

• ISA/IEC 62443
• NIS2
• NERC CIP
• TSA Directives

Turning secure remote access into operational resilience

Physical security feels straightforward, you lock your doors and give out keys only to people you trust.

The same mindset must now be applied to digital security.

Facilities managers and OT security leaders should view SRA not just as a defensive measure but as a way to proactively strengthen overall resilience.

For instance, by implementing SRA for third-party technicians, organisations can enable preventive maintenance, reduce downtime and keep critical operations running without disruption.

In the end, secure remote access and cybersecurity is about more than keeping attackers out, it’s about enabling safe, reliable growth in a world where physical and digital systems are becoming inseparable.

By treating digital gates with the same care as physical doors, organisations can build operations that are secure, sustainable and ready to meet future challenges.

To learn more about Cyolo, please click this link: Cyolo | Remote Privileged Access for OT and Cyber-Physical | Cyolo