WinMagic Responds to New CISA OT Guidance With Transport-Layer Identity Architecture

prnewswire.com

WinMagic warns that current Zero Trust models were not built for critical infrastructure environments where uptime and continuous trust are essential. Following new CISA guidance, the company introduces an endpoint-driven approach using Live Key and Live Identity in Transaction (LIT) to deliver continuous, hardware-bound identity assurance beyond login.

TORONTO, May 18, 2026 /PRNewswire/ -- The U.S. government is accelerating the expansion of Zero Trust into operational technology and critical infrastructure. On April 29, 2026, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI and the Departments of War, Energy, and State, released new guidance on adapting Zero Trust principles to operational technology environments. The guidance reflects a growing reality: systems that control energy grids, manufacturing plants, transportation infrastructure, and industrial operations are now frontline cyber targets.

For WinMagic, a cybersecurity innovator known for endpoint-based authentication and encryption, the guidance marks a critical turning point. As Zero Trust expands into environments where safety, uptime, and legacy infrastructure constraints are essential, the challenge is no longer simply controlling access. It is ensuring that identity can be trusted continuously throughout the entire interaction.

"CISA's guidance correctly identifies that IT-centric Zero Trust approaches do not translate cleanly into operational technology environments," said Thi Nguyen-Huu, founder and Chief Executive Officer of WinMagic. "Identity verification in OT must be continuous, locally verifiable, and operationally invisible. In much of the world's critical infrastructure, connectivity is intermittent or unavailable. A cloud identity provider cannot see what is happening at the endpoint in real time, and it cannot enforce trust when the network disappears."

Zero Trust Expands into OT as Critical Infrastructure Becomes a Frontline Target

The new guidance reflects growing urgency around protecting operational technology systems from increasingly sophisticated cyber threats. OT environments differ fundamentally from traditional enterprise IT. Industrial systems interact directly with the physical world and operate under strict safety and availability requirements. Authentication delays or interrupted access can create real-world consequences.

The timing is significant. The Operation Epic Fury conflict earlier this year demonstrated the strategic vulnerability of critical infrastructure during geopolitical conflict. Industrial controls, transportation networks, and energy infrastructure have become high-value cyber targets.

CISA's guidance also reflects a broader global shift already underway. While the United States is taking important steps to expand Zero Trust into operational technology, some international cybersecurity frameworks have already moved further, introducing mandatory continuous attestation requirements and hardware-anchored trust standards for critical infrastructure systems. WinMagic argues the U.S. is moving in the right direction, but the global trend is increasingly toward identity that must remain continuously provable throughout every transaction, not simply verified at login.

"Most Zero Trust models still verify identity through credentials and sessions that exist before or after the transaction itself," Nguyen-Huu explained. "That creates a gap. In operational environments, trust cannot depend on a session token that can persist long after conditions have changed. Identity must live in the transaction itself."

From Login-Based Access to Continuous Identity Assurance

WinMagic's architecture extends Zero Trust beyond traditional login and session models by anchoring identity directly at the endpoint through hardware-bound cryptographic trust. Using MagicEndpoint, Live Key, and Live Identity in Transaction (LIT), identity becomes a continuous signal tied to the device, the user, and operating conditions in real time.

Unlike cloud-dependent identity systems, MagicEndpoint performs verification locally at the endpoint using TPM-bound cryptographic keys. This allows identity assurance to continue even when systems are disconnected from the corporate network or operating in air-gapped environments.

Key capabilities include:

"MagicEndpoint was architected for exactly the constraints CISA is now describing," Nguyen-Huu said. "When a grid operator is responding to a power emergency or a water treatment engineer is adjusting chemical dosing in real time, they do not have time for MFA prompts or session timeouts. The endpoint has already verified them continuously since power-on."

Completing Zero Trust for Critical Infrastructure

WinMagic positions its approach as an extension of existing Zero Trust strategies rather than a replacement for enterprise IAM systems. Organizations can continue using platforms such as Okta, Azure AD, Active Directory, SAML, and OIDC while extending continuous identity assurance into environments where cloud-dependent verification models break down.

"What CISA envisions, and what some global frameworks are already beginning to enforce, is identity that remains continuously provable throughout every transaction," Nguyen-Huu said. "The TPM hardware already exists. Mutual TLS already exists. The missing piece has been the architecture that ties them together. That is what Live Key and LIT provide: continuous identity assurance embedded directly into the secure channel itself."

About WinMagic

WinMagic's mission is to secure the digital world through high standards and strong ethics. For more than two decades, the organization has led innovation in encryption and endpoint security. Today, WinMagic is advancing a new paradigm for online access—anchoring the endpoint as the foundation of trust. By letting endpoints speak for users, WinMagic turns cumbersome logins into seamless, automated exchanges. What was once user-to-machine communication now becomes a machine-to-machine relationship, governed by policy and anchored in cryptography. This evolution eliminates friction, reduces risk, and lays the groundwork for the Secure Internet—where security is continuous, effortless, and requires no user action. Learn more at https://winmagic.com.

Media Inquiries:

Karla Jo Helms

JOTO PR™

727-777-4629

jotopr.com

SOURCE WinMagic