By NHI Mgmt Group Editorial Team
Published 2026-02-24
Domain: Governance & Risk
Source: SSH Communications Security

TL;DR: Remote access is moving from a maintenance convenience to a primary CPS attack vector, with Gartner warning that attacks using remote access may grow from negligible levels to more than 20% by 2029, while shadow access and legacy VPN-style tools leave operators with poor visibility and overly broad privilege. The governing assumption that network access equals safe operational access is no longer valid.


At a glance

What this is: Remote access for CPS has shifted from a support function to a core identity and operational risk, with Gartner flagging remote-access-driven attacks, shadow access, and legacy tooling as the main exposure pattern.

Why it matters: IAM, PAM, NHI, and zero-trust programmes all need to treat CPS remote access as a governed identity path, because broad connectivity without command-level control turns operational access into physical and safety risk.

By the numbers:

  • By 2029, the percentage of attacks on CPS using remote access vectors will grow from negligible numbers to over 20%.
  • Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
  • Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems, and organisations failing to scope AI access properly are 4.5x more likely to experience a security incident.



Context

Remote access in CPS is no longer an occasional support channel. It is now a standing operational path into industrial and critical infrastructure environments, which means the identity model must account for who can connect, what they can do, and how those actions are constrained once inside the session.

The problem is that legacy IT remote access patterns were built for connectivity, not for safety-critical operations. In CPS, a broad authenticated connection can translate into command execution, configuration change, or operational disruption, so the governance question is not whether remote access exists, but whether it is bounded at the right level.

Shadow access makes the problem harder to govern because contractors, OEMs, and internal teams can create unmanaged connections outside normal oversight. That is typical of environments that have grown through operational necessity first and security discipline second.


Key questions

Q: What breaks when remote access into CPS is treated like ordinary IT access?

A: Ordinary IT access controls stop at network connectivity, but CPS risk lives in the commands that follow. If access is not constrained to the device, application, and protocol level, a valid session can still cause unsafe operational change, physical disruption, or safety impact. The failure is governance depth, not authentication strength.

Q: Why do legacy VPNs and jump servers create risk in industrial environments?

A: They create broad authenticated access without enough awareness of what the session is allowed to do. In industrial settings, that means a single connection can reach multiple assets and execute harmful commands. The risk is amplified when the access path is undocumented, shared, or hard to recertify.

Q: What do security teams get wrong about shadow access in CPS?

A: They often treat shadow access as a visibility problem alone, when it is also a lifecycle and accountability problem. If a contractor tunnel or OEM shortcut is not owned, reviewed, and retired, it becomes permanent privileged exposure. The right response is governance, not just discovery.

Q: Who is accountable when a remote CPS session causes operational harm?

A: Accountability should follow the identity owner, the system owner, and the approver of the remote path. If an OEM, contractor, or internal support team created the session outside normal governance, that is a control failure the organisation owns. Frameworks such as IEC 62443, NIS2, and NIST SP 800-82 all push in that direction.


Technical breakdown

Why legacy VPN and IT PAM controls break in CPS

Traditional VPN and general-purpose PAM tools secure a path into a network, but CPS risk lives inside the action taken after entry. A connected user can often reach too many assets, and the control plane does not understand whether a session is reading telemetry or issuing a write command. That is why CPS secure remote access needs identity-centric policy, device and application scoping, and protocol-aware enforcement instead of simple connectivity gates. Without those controls, the security model stops at authentication and never reaches operational intent.

Practical implication: replace network-only approval with command-level and protocol-aware authorization for CPS remote sessions.

Shadow access and unmanaged remote connections

Shadow access is any remote connection created outside formal governance, such as an OEM tunnel, contractor shortcut, or ad hoc support path. The risk is not just that it exists, but that nobody can reliably answer who approved it, what it reaches, or whether it still needs to exist. In CPS, these hidden paths are especially dangerous because they can bypass logging, recertification, and segmentation controls that the enterprise assumes are in place. Visibility is the first control failure, and lifecycle ownership is the second.

Practical implication: inventory every remote path into CPS and tie each one to a named owner, approval record, and expiry condition.

Secure operations requires least privilege at the command level

CPS environments need more than just short-lived access. They need access that is narrow enough to allow diagnostics while preventing hazardous commands, even when the session itself is legitimate. That is why least privilege in CPS has to be enforced at the device, application, and command level, with recording and audit trails that survive low-bandwidth or interrupted conditions. This is a different model from classic IT access, where the main concern is data exposure rather than physical impact.

Practical implication: define session entitlements around specific operational commands, not only around user roles or destination networks.


Threat narrative

Attacker objective: The objective is to convert a remote support path into operational control over CPS assets with enough reach to disrupt production or affect physical safety.

  1. Entry occurs through remote access mechanisms that were designed for IT connectivity, including VPNs, jump servers, or broad privileged access paths into CPS environments.
  2. Escalation follows when the authenticated session exposes too much operational reach, letting an attacker or misused insider move from connectivity to command execution or configuration change.
  3. Impact is realized in the physical domain, where unauthorized actions can trigger safety incidents, environmental harm, downtime, or equipment damage.



NHI Mgmt Group analysis

Remote access in CPS is now an identity problem, not a connectivity problem. The market keeps treating VPNs and jump hosts as if the main question is whether a user can reach the network. In CPS, the real question is whether a session can be constrained to a safe operational act once it begins. That shift matters because safety, uptime, and compliance all depend on the identity boundary, not the transport boundary.

Shadow access is the governance failure that makes CPS remote access fragile. Undocumented OEM tunnels, contractor shortcuts, and ad hoc support paths create access that is operationally useful but administratively invisible. Once those connections exist outside lifecycle control, recertification and audit lose their authority. Practitioners should treat shadow access as evidence that remote access governance has already failed, not as a secondary hygiene issue.

Protocol-aware authorization is the missing control model for CPS remote work. General-purpose remote access tools cannot reliably distinguish between safe diagnostics and dangerous write operations. That is why the relevant frame is granular operational permission, not generic connectivity approval. The implication is that CPS teams must measure access at the command boundary, where harm actually occurs.

Secure operations is replacing secure connectivity as the category standard. The market is moving toward models that combine identity-centric Zero Trust, just-in-time access, and session recording because legacy tools cannot represent operational context well enough. That development validates a broader NHI governance lesson: when the action taken after authentication can affect physical systems, the unit of control has to shrink accordingly. Practitioners should re-evaluate every remote access path that still stops at network authentication.

Identity blast radius is the right concept for CPS remote access governance. Once a session can touch multiple devices, multiple protocols, or multiple commands, the blast radius of a single identity decision expands far beyond the login event. That is not a tooling issue alone. It is a lifecycle and privilege design issue, and teams should rebuild governance around the smallest operational action that can be granted and audited.

From our research:

  • Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security, according to The 2026 Infrastructure Identity Survey.
  • 69% of security leaders agree identity management must fundamentally shift to address agentic AI systems, which shows how quickly static governance assumptions are being outgrown.
  • 52 NHI Breaches Analysis shows how unmanaged identities turn routine access into breach paths, which is the same governance pattern remote CPS access can reproduce.

What this signals

Shadow access will increasingly be treated as an identity governance defect, not an operational convenience. As remote connectivity becomes a permanent feature of CPS, teams will need a named owner for every support path and a retirement condition for every exception. The practical shift is from ad hoc connectivity management to lifecycle-based control of every third-party and internal remote identity.

Identity blast radius is becoming the more useful metric than login success. With 70% of organisations already granting AI systems more access than human employees in a different but related governance domain, the broader lesson is that access scope, not authentication alone, determines risk. For CPS programmes, that means measuring how far one remote session can reach, alter, or override.

Secure operations will pull remote access teams closer to zero trust and NHI governance standards. That means command-scoped authorization, session recording, and explicit offboarding for every remote support relationship. Teams that keep remote access outside identity governance will struggle to defend it during audits, incidents, and safety reviews.


For practitioners

  • Map every CPS remote path to an owner and expiry condition: inventory VPNs, jump servers, OEM tunnels, and ad hoc support connections. Assign a business owner, define the operational purpose, and require an explicit expiry or review trigger for each path.
  • Enforce command-level least privilege for remote sessions: scope access to specific devices, applications, and protocol actions so a legitimate support session cannot issue unsafe write commands. Separate diagnostic rights from operational change rights.
  • Replace network-only trust with protocol-aware controls: use controls that can inspect native industrial protocols and block unauthorized actions before they reach physical systems. Authenticate the user, then authorize the command.
  • Record and retain CPS sessions for audit and forensics: capture session activity in a way that survives low-bandwidth and intermittent connectivity so investigations can reconstruct who did what, where, and under which approval.
  • Review third-party access as a lifecycle issue: treat OEM and contractor remote access as governed identity with onboarding, recertification, and offboarding, not as permanent support plumbing.

Key takeaways

  • CPS remote access is now a primary identity and safety exposure, not just a support mechanism.
  • Legacy IT remote tools fail because they control connection, but not the operational command executed after connection.
  • The control that changes the risk is command-level, protocol-aware least privilege with full lifecycle ownership of every remote path.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
NIST Zero Trust (SP 800-207) | | Remote access in CPS needs continuous verification and least-privilege session scope.
NIST CSF 2.0 | PR.AC-4 | Access rights for remote support paths need least privilege and lifecycle review.
OWASP Non-Human Identity Top 10 | NHI-03 | Shadow access and over-broad remote credentials mirror NHI lifecycle and privilege failures.

Inventory remote support identities, rotate or retire stale access, and remove standing privilege.


Key terms

  • Shadow Access: Remote access that exists outside formal governance, approval, or inventory. In CPS, it often comes from contractors, OEMs, or internal support shortcuts. The security problem is not only visibility. It is the absence of accountable ownership, review, and offboarding.
  • Protocol-aware Authorization: A control model that evaluates the command or action inside a session, not just the user’s ability to connect. In CPS, this matters because a safe diagnostic action and a dangerous write action can travel over the same authenticated channel.
  • Secure Operations: An access model that protects the work performed after login, not just the login itself. In CPS, secure operations means identity, privilege, and session controls are tuned to physical and safety impact rather than ordinary data access risk.
  • Identity Blast Radius: The total operational reach a single identity decision creates across systems, commands, and safety outcomes. In CPS, the blast radius can expand quickly if one session can affect multiple assets or control functions, so governance must shrink the scope of each entitlement.

Deepen your knowledge

CPS secure remote access and least-privilege session control are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are redesigning support access for industrial or critical infrastructure environments, it is worth exploring.

This post draws on content published by SSH Communications Security: secure remote access for CPS and the shift from connectivity to secure operations. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-02-24.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org