By Guest contributor |
Industrial AI is moving quickly from experimentation to operational reality. Manufacturers are deploying connected assets across factories, supply chains and customer environments with the expectation that data and AI will unlock new levels of efficiency, automation and service innovation. But as organisations begin scaling connected products and industrial AI initiatives, many encounter an unexpected constraint: governance.
As fleets of connected devices grow, manufacturers must manage cybersecurity, software lifecycle updates, operational accountability and regulatory expectations across thousands – or even millions – of distributed assets. The operational effort required to manage this complexity is becoming what many organisations now recognise as a ‘governance tax’ on industrial AI.
Regulation is accelerating this trend. Frameworks such as the European Union’s Cyber Resilience Act and NIS2 are raising expectations around secure product design, software lifecycle management and vulnerability disclosure. Similar conversations are emerging globally as governments increasingly treat connected devices as part of critical infrastructure. But regulation is only part of the challenge facing manufacturers. The deeper challenge is architectural.
Most industrial environments were never designed to operate globally connected fleets of intelligent devices. Manufacturers must manage heterogeneous environments that mix modern cloud-connected systems with decades-old operational technology. Devices operate across multiple protocols, firmware generations and connectivity environments.
This fragmentation makes governance difficult. Security teams struggle to maintain visibility into device identity and software versions. Operations teams worry about applying updates that could disrupt production. Engineering teams must manage increasingly complex software supply chains.
At the same time, industrial AI initiatives depend on high-quality operational data. Raw telemetry alone is rarely enough. Data must be contextualised – linked to asset models, operational processes and enterprise systems – before it becomes useful.
In practice, this means manufacturers must solve two challenges simultaneously: operational context and lifecycle governance.
Operational context allows organisations to understand how assets are performing. By structuring telemetry within asset hierarchies and linking it to enterprise systems such as enterprise resource planning, manufacturing execution system and service platforms, manufacturers can build the foundation required for predictive maintenance, performance optimisation and other applications.
Lifecycle governance answers a different set of questions. Which devices are deployed across the fleet? What software versions are running? How are updates delivered securely? What actions have occurred across the lifecycle of each asset? Without reliable answers to these questions, scaling connected products – and the AI capabilities built on top of them – becomes difficult.
AIoT platforms like Cumulocity are designed to bridge the gap between industrial environments and modern cloud architectures. They provide capabilities for securely onboarding devices, managing software and firmware updates across large fleets and structuring operational data through flexible asset models. This operational layer ensures industrial assets can connect safely to enterprise cloud platforms for analytics, AI and security monitoring without forcing manufacturers to rebuild their operational systems.
Just as importantly, they provide a consistent operational layer that allows manufacturers to connect legacy and modern systems without redesigning their entire infrastructure. None of this eliminates the governance tax entirely. But it changes the equation.
When lifecycle management, device identity, and operational context are managed through a coherent platform architecture, governance becomes far more manageable. Security updates can be rolled out more safely, operational changes can be tracked and audited, and data can be delivered to analytics and AI systems with the context they require.
Industrial AI will ultimately succeed not just because algorithms continue to improve, but also because the operational foundations supporting them mature.
Manufacturers that invest in strong fleet lifecycle management and a coherent operational platform will be far better positioned to scale industrial AI responsibly. By separating operational control from cloud-scale analytics, organisations can connect industrial systems to modern AI, security, and enterprise data platforms while maintaining the safety, reliability and accountability that industrial environments demand.
Juergen Kraemer is chief product officer at Cumulocity
Discover more insights in the Spring 2026 issue of Technology Record. Don’t miss out – subscribe for free today and get future issues delivered straight to your inbox.