What happened
On July 10, 2026, Zentera Systems published a zero-trust guide, 'Securing AI Agent Access to OT,' synthesizing existing guidance from CISA, NCSC, and the Five Eyes alliance into six concrete controls for AI agents accessing operational technology environments, including distinct agent identity, least-privilege reachability, and inline session inspection. The guide explicitly recommends against using LLMs for safety-critical decisions in OT settings.
Why it matters
While vendor-authored rather than standards-body-issued, this guide is a useful practitioner synthesis of multiple government agencies' OT/AI guidance into an actionable control set, relevant given no single body has yet issued a unified AI-agent-to-OT control catalogue.
Action needed
OT/ICS security teams evaluating AI agent integration should review the six controls as a checklist and cross-reference against the underlying CISA/NCSC source guidance directly (not just the vendor synthesis).