Waterfall Security, the leader in hardware-enforced OT security and remote access for cyber physical systems (“CPS”), is pleased to announce our inclusion in Gartner’s recent Market Guide for CPS Secure Remote Access report.

Gartner points out that “traditional remote access methods, such as VPNs, jump boxes or emerging approaches such as IT remote privileged access management (RPAM) products, lack the granularity and contextual knowledge needed for production or mission-critical environments,” and recommends organizations “replace VPNs and proceed with caution with IT-centric tools”. In the representative vendors section, the report identifies Waterfall for its new HERA (Hardware-Enforced Remote Access) product as a Representative Vendor.

Hardware-Enforced Remote Access

How Does HERA’s “physics” work? The Waterfall HERA product is a pair of a-symmetric cooperating Unidirectional Security Gateways, each physically able to send information in only one direction. The outbound gateway sends encrypted screen images out of the OT network. The inbound gateway sends encrypted keystrokes, mouse and other HERA protocol information into the OT network. The inbound gateway contains a hardware filter that passes only HERA information – all IP packets are discarded. In addition, login/encryption credentials are stored securely in TPM hardware in the remote HERA client computer, as well as TPM hardware in the HERA hardware on the OT side of the HERA – this in addition to conventional software-based multi-factor authentication (MFA) mechanisms.

“We are pleased to be recognized in the Gartner Market Guide. Waterfall’s hardware-enforced solutions, including Unidirectional Gateways and HERA are designed to eliminate entire classes of network-borne attack vectors.”
Lior Frenkel, CEO

Modern OT Remote Access

Today’s industrial operations expect remote access products with modern features, including: zero-trust-style granular access, MFA, a guaranteed protocol break, just-in-time session control, and the ability to inspect and terminate existing sessions, especially in NERC CIP and other regulated environments. Waterfall’s HERA provides all of these industry-leading features, in addition to the unique hardware-enforced security measures.

OT remote access is increasingly common and is increasingly seen as a serious threat to the security of industrial operations. The latest advice from CISA, CCCS and other government authorities regarding OT remote access states that the risk of exploiting VPN and other software vulnerabilities can “become detrimental to business operations.” As a result, these authorities recommend that “business owners should consider hardware-enforced solutions.” The era of “physics-based” and hardware-enforced solutions is upon us.

To explore Waterfall’s HERA, download the Waterfall Guide: Rethinking Secure Remote Access for Industrial and OT Networks.

Gartner, Market Guide for CSP Secure Remote Access, Katell Thielemann, Wam Voster, Sumit Rajput, 3 February 2026.

GARTNER is a trademark of Gartner, Inc. and/or its affiliates. Gartner does not endorse any company, vendor, product or service depicted in its publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner publications consist of the opinions of Gartner’s business and technology insights organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this publication, including any warranties of merchantability or fitness for a particular purpose.

The data set in the Waterfall / ICS STRIVE 2026 OT Cyber Threat Report shows 57 OT attacks with physical consequences world-wide in the industries the report tracks. Most of these attacks were ransomware, and this has been the case since the turn of the decade. Nation-state and hacktivist attacks nearly doubled, but that increase was not enough to make up for the reduction in ransomware attacks. The question of “what happened?” is really “what happened to ransomware attacks?” A definitive answer is not possible – there are a lot of ransomware groups out there, each with different MODUS OPERANDI, motives and circumstances. Speculation is possible however, and there is secondary data available, so let’s speculate a bit.