Cyolo Unveils Groundbreaking VPN Control for OT Environments, Bringing Zero Trust to the Legacy Edge

In a major leap for industrial cybersecurity, Cyolo has introduced a suite of new capabilities aimed at solving one of the most persistent—and invisible—threats to operational technology (OT) and cyber-physical systems (CPS): unmanaged third-party remote access.

At the core of the announcement is Cyolo’s new Third-Party VPN Control, a patent-pending feature that allows organizations to monitor and control external VPN or direct connections—without requiring those vendors to alter their existing tools or infrastructure. The feature is part of Cyolo PRO (Privileged Remote Operations), the company’s flagship platform designed for critical infrastructure and industrial environments.

The innovation targets a growing risk in today’s hyperconnected industrial systems: the lack of visibility and governance over third-party access. Whether it's an OEM servicing plant machinery or an auditor accessing control systems, external vendors often rely on legacy VPNs, encrypted black-box gateways, or site-to-site tunnels—technologies that function outside the purview of corporate security teams.

“These opaque and unmanaged pathways pose significant risks,” said Almog Apirion, CEO and Co-Founder of Cyolo. “We are always thinking about the real-world challenges our customers face and endlessly innovating to solve those problems. This latest advance represents the next step in the transformation of OT and CPS access, making it more agile, secure, and seamless for administrators and end users, without forcing vendors to change the tools they rely upon.”

Closing the Blind Spot in Industrial Security

Cyolo’s move comes at a critical juncture for industries embracing digital transformation. As factories, energy grids, and transportation systems modernize, they’re exposing old infrastructure to new threats. One major weak point? Third-party access that can't be fully monitored or controlled.

With Third-Party VPN Control, Cyolo inserts policy enforcement and visibility into those unmanaged connections—essentially extending Zero Trust principles to legacy VPNs. Organizations can now see who is connecting, when, from where, and to what systems, even if the third party is using non-standard access tools.

A Broader Arsenal for OT Defense

The PRO platform upgrade also includes:

• Instant Collaboration Link: A secure, browser-based invite system allowing operators to bring vendors or engineers into sensitive sessions (RDP, SSH, VNC) with full control—no software agents required.

• Secure Remote Assistance: Helpdesk and user-initiated support built natively into the platform, providing secure, governed sessions on demand.

• Asset Access Hub: A dynamic dashboard offering deep visibility into assets and user access, enabling precise, context-aware access assignments.

These additions are designed to tackle not just security but operational agility—a critical balance for industries that can’t afford downtime.

Built for Compliance and Compatibility

Cyolo’s architecture is also tuned for regulatory readiness. The new features align with key compliance frameworks including NERC CIP, ISA/IEC 62443, ISA99, and NIST 800-82, giving security teams confidence that operational security isn’t just strong—it’s auditable.

And importantly, the system plays nicely with legacy infrastructure. Organizations don’t need to rip and replace existing connectivity tools to implement Cyolo’s enhancements, a move likely to accelerate adoption in industries often wary of disrupting fragile systems.

Redefining Remote Access for Critical Infrastructure

Cyolo is part of a growing cohort of security vendors focused on OT environments, a space long underserved by traditional IT security solutions. But where others bolt on industrial capabilities, Cyolo’s DNA is rooted in the unique constraints of cyber-physical systems: uptime is non-negotiable, tools must adapt to vendor realities, and visibility can’t come at the cost of control.

“In today’s virtual environments, third-party vendors are essential for the unbroken continuity of industrial operations and critical infrastructure—both vital for the economy and national security,” Apirion noted. “However, third-party access methods too often introduce unacceptable risks.”

With this release, Cyolo may have cracked one of the industry’s toughest challenges—securing legacy third-party access without breaking it. For security teams tasked with defending industrial operations, that’s not just innovation—it’s peace of mind.