
Vendor access in water utilities: are OT controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3218
Topic starter  

TL;DR: Water utilities face elevated cyber risk because remote vendor access, default credentials, shared accounts, and limited centralised control still create easy paths into operational technology, according to StrongDM’s discussion of the NIST NCCoE water and wastewater reference design. The governance problem is not connectivity itself but whether access can be bounded, monitored, and revoked without weakening operations.

NHIMG editorial — based on content published by StrongDM: Water Utilities Cybersecurity Guide: Challenges & Solution

By the numbers:

Questions worth separating out

Q: How should security teams control vendor access in water utility OT environments?

A: Treat vendor access as privileged identity governance, not as a convenience layer.

Q: Why do default credentials remain dangerous in operational technology?

A: Default credentials are dangerous because they often survive device deployment, are reused across fleets, and create a predictable foothold for attackers.

Q: How do you know whether privileged remote access is actually under control?

A: Look for unique identities, session-level logging, clear approval boundaries, and a documented revocation process.

Practitioner guidance

  • Inventory all vendor remote paths: Map every VPN, jump host, shared account, and support channel that reaches OT assets.
  • Remove default and shared OT credentials: Replace default credentials and shared support accounts with individually attributable identities and per-session approval.
  • Enforce session-level policy for privileged support: Apply real-time command and context checks during the session, not only at login.

What's in the full article

StrongDM's full blog covers the operational detail this post intentionally leaves for the source:

  • Reference design context for the NIST NCCoE water and wastewater initiative and how it frames vendor access risk
  • How StrongDM positions its Zero Trust Privileged Access Management model for OT support scenarios
  • Operational examples of centralized policy enforcement, logging, and support access mediation
  • The article's discussion of legacy and modern infrastructure integration without requiring OT rewrites

👉 Read StrongDM’s guide to water utility cybersecurity and OT vendor access →
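
The four checks named in the post above (unique identities, session-level logging, approval boundaries, revocation) can be run as an audit over vendor session records. This is an added example, not code from the post or from StrongDM; the record layout, account names, hosts and timestamps are constructed assumptions.

```python
from datetime import datetime

# All names, hosts and timestamps below are constructed sample data.
GENERIC_ACCOUNTS = {"admin", "vendor", "support"}  # assumed shared/default logins

APPROVALS = [  # (identity, OT asset, approved from, approved until)
    ("j.ortiz@pumpco.example", "plc-intake-01", "2024-05-02T08:00", "2024-05-02T12:00"),
    ("m.chen@scadasvc.example", "hmi-clearwell-02", "2024-05-03T09:00", "2024-05-03T17:00"),
]
REVOCATIONS = {"m.chen@scadasvc.example": "2024-05-03T10:00"}  # identity -> revoked at

SESSIONS = [  # (id, identity, asset, remote path, start, session log recorded?)
    ("s1", "j.ortiz@pumpco.example", "plc-intake-01", "jump-host", "2024-05-02T09:15", True),
    ("s2", "vendor", "plc-intake-01", "vpn", "2024-05-02T09:40", True),
    ("s3", "j.ortiz@pumpco.example", "hmi-clearwell-02", "jump-host", "2024-05-02T10:00", True),
    ("s4", "m.chen@scadasvc.example", "hmi-clearwell-02", "vpn", "2024-05-03T10:30", False),
]

def ts(value):
    return datetime.fromisoformat(value)

def audit_session(session):
    """Return the control gaps for one vendor session (empty list = clean)."""
    _sid, identity, asset, _path, start, logged = session
    findings = []
    if identity.lower() in GENERIC_ACCOUNTS:
        findings.append("shared-or-default-identity")
    # Approval must name this identity and this asset, and cover the start time.
    approved = any(
        who == identity and what == asset and ts(lo) <= ts(start) <= ts(hi)
        for who, what, lo, hi in APPROVALS
    )
    if not approved:
        findings.append("outside-approval-boundary")
    revoked_at = REVOCATIONS.get(identity)
    if revoked_at and ts(start) >= ts(revoked_at):
        findings.append("used-after-revocation")
    if not logged:
        findings.append("no-session-log")
    return findings

def audit(sessions):
    """Map session id -> findings, keeping only sessions with at least one gap."""
    report = {s[0]: audit_session(s) for s in sessions}
    return {sid: f for sid, f in report.items() if f}

if __name__ == "__main__":
    for sid, findings in audit(SESSIONS).items():
        print(sid, ", ".join(findings))
```

Session s4 shows why revocation has to be checked separately: it falls inside an approved window, yet the identity was revoked before the session started.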




   
(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 1804
 

Water utility security is an identity governance problem before it is an OT problem. The article describes remote vendor access, default credentials, and shared administrative paths, all of which are identity control failures expressed in industrial systems. That means water-sector resilience depends on who can act, under what identity, and with what auditability. Practitioners should treat OT access as privileged identity infrastructure, not as a separate network exception.

A few things that frame the scale:

  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage.

A question worth separating out:

Q: Who is accountable when vendor access causes a breach in critical infrastructure?

A: Accountability sits with the utility, the supplier, and the control owners who approved the access model. Frameworks such as NIST CSF and NIST’s water-sector reference design expect traceable governance, not informal trust in support relationships.

👉 Read our full editorial: Water utility cyber risk exposes vendor access gaps in OT security



   