There’s a classic parable about a frog in a pot of water. If you drop a frog into boiling water, it will immediately jump out. But if you place it in lukewarm water and slowly raise the temperature, the frog won’t perceive the gradual danger and will, unfortunately, be cooked. The story is a grim but powerful metaphor for how we react—or fail to react—to incremental change.
For decades, the world of industrial control systems and operational technology has been sitting in that pot. We started in a very safe, physically-oriented security model. Thirty years ago, the plant floor was an island. Security meant having a key to the lock on the door. The so-called “air gap”—a complete physical separation between the industrial network and the outside world—was our impenetrable fortress. That was our block of “cheese,” and we felt secure.
The Water is Getting Warmer
But then, progress happened. The temperature began to rise, degree by degree. It wasn’t a sudden, boiling change, but a slow, creeping normality.
First, a new piece of equipment needed a license manager that had to ping a server on the internet, so a tiny, firewalled hole was poked in the air gap. Then, commissioning and support required a jump box or VPN for vendors to troubleshoot remotely. Remote alarm monitoring evolved from a modem dialing a pager to an internet-delivered service.
Next thing you know, your plant is sending operational data to a cloud-based big data platform for AI-driven predictive maintenance. Each of these steps, taken in isolation, seemed like a reasonable and necessary evolution. But collectively, we’ve woken up to find ourselves in a pot of nearly boiling water. The air gap we trusted is now more like Swiss cheese—still there, but full of holes.
You Can’t Turn Down the Heat
It’s tempting to get nostalgic for the old ways and demand a return to the “pure” air gap. But we must face the reality of why this change is happening. You simply can’t fight progress.
- Vendor Requirements: Manufacturers are increasingly building products that require internet connectivity for everything from licensing and maintenance to core functionality. The fight over John Deere’s “right to repair” is a prime example of how even tractors now have cellular modems and call home to the mothership.
- Cost and Practicality: It’s far more efficient and cost-effective to leverage pooled, centralised cloud resources for heavy-duty tasks like big data analysis and training AI models than to build and maintain that infrastructure at every edge location.
- The Skills Gap: The days of the generalist who could do everything are fading. Today, we rely on a smaller pool of deep specialists. To leverage their expertise across multiple sites, they need to be able to work remotely.
Trying to reverse this tide is like trying to put the cheese back where it used to be, as the characters in Spencer Johnson’s famous book learned. Change is inevitable. The only viable path forward is to adapt.
Learning to Swim in Secure Waters
Accepting this new reality doesn’t mean surrendering to insecurity. It means recognising that your old defence mechanism is gone and you need a new one. If you’re going to have remote access—and you are—you may as well have secure remote access.
The old model of punching holes in the perimeter is no longer defensible. The modern approach must be built on a foundation of Zero Trust, where access is granted on a least-privilege basis, explicitly verified, and limited to specific applications for specific users at specific times. Instead of a wide-open VPN tunnel, imagine giving a trusted vendor temporary access only to the one specific PLC they need to service, and nothing else.
This is Agilicus comes in. We make it simple to implement secure remote access for your industrial plant, without the complexity of traditional IT solutions. We help you navigate this new, connected world safely.
The water is hot, but it’s not too late to jump out of the pot. It’s time to stop pretending the air gap is your armor and start building a security model that fits the world we actually live in. Let’s ensure you can swim happily and safely, rather than becoming an appetiser.