First, visibility is incomplete by design. Gadgets are incessantly deployed by amenities groups, engineering teams, or third-party integrators reasonably than security organizations. Asset inventories lag actuality. Telemetry is sparse, proprietary, or intermittent. Many gadgets talk solely throughout particular operational states, leaving lengthy durations of silence that security instruments interpret as regular.
CISA has repeatedly warned that unmanaged gadgets, restricted visibility and legacy operational protocols stay among the many commonest weaknesses in IoT and OT environments, significantly the place methods had been by no means meant to be constantly monitored or centrally ruled.
Second, networks are functionally flat even once they seem segmented. Broadcast discovery protocols, shared gateways and centralized controllers undermine isolation assumptions. Gadgets that by no means talk straight can nonetheless affect each other via shared infrastructure. Segmentation exists on paper, however coupling persists in operation.
