intrusive controls that disrupt operations,” says Sircar. “In OT, zero trust just isn’t a checklist or a product rollout – it’s an architectural mindset. It’s about understanding who and what is accessing systems, under what conditions and with what level of privilege, while respecting uptime, safety and legacy constraints.” When applied carefully, this approach focuses on continuously verifying users, devices and processes before granting access, while enforcing least-privilege permissions and segmenting networks to minimise risk. Phased zero-trust implementation in industrial facilities can reduce breach probability by up to 45 per cent, according to a recent report from Gartner on OT security. Crucially, most successful OT security programmes begin with visibility. Many manufacturers still lack a complete inventory of the assets operating across their plants. Establishing this visibility allows organisations to map communication flows, identify vulnerabilities and build a shared understanding of risk across IT, OT and security teams. “Enforcing controls without first understanding assets, access paths and normal behaviour often creates friction and erodes confidence with operations teams,” says Sircar. “Visibility creates a shared, factual baseline across IT, OT and security. That approach is both safer and faster than attempting large-scale, one-time transformations.” Industry research supports this phased approach. Deloitte’s 2023 Manufacturing Cybersecurity Report found that manufacturers implementing OT security in stages achieve 33 per cent faster incident response times compared to organisations attempting full-scale transformations. Manufacturers are beginning with foundational capabilities such as asset discovery, network monitoring and identity-based access controls before moving towards more advanced protections like automated threat detection and unified security operations. Another growing priority is the creation of converged IT and OT security operations centres. By integrating data from factory networks with enterprise security platforms, organisations can detect threats earlier and respond more effectively. Microsoft Defender XDR, Sentinel, Entra and Security copilot and agents enable security teams to correlate signals across environments, automate investigations and accelerate incident response. Regulatory pressure is also intensifying, with governments around the world introducing new frameworks aimed at protecting critical infrastructure and industrial systems. However, Sircar cautions that compliance alone should not be the goal: “Compliance is important, but it’s not the same as resilience,” he says. “Regulations provide a useful baseline and a common language, but manufacturing environments are ultimately judged on safety, uptime and continuity of operations. A system can be compliant and still fragile. The most effective organisations treat compliance as a starting point and design security architectures around real operational outcomes – keeping people safe and the business running.” Third-party and vendor access remains one of OT’s hardest security challenges. “Industrial environments depend heavily on external vendors, integrators and remote support,” says Sircar. “Historically, that access has been managed through shared credentials or overly permissive access models. The challenge isn’t networking alone – it’s identity, intent and governance. Shifting towards identity‑aware, least‑privilege access can significantly reduce risk without materially slowing operations. This is where deep industrial expertise and a strong partner ecosystem make a real difference.” Looking ahead, Sircar believes the role of OT security will continue to expand as manufacturers adopt more advanced digital technologies, including AI. “Advanced technologies depend on trusted data, reliable connectivity and secure integration across systems,” he says. “Without that foundation, AI initiatives either stall or introduce new risks. Strong OT security isn’t a blocker to innovation – it’s an enabler. Organisations that invest early in visibility, identity-aware access and unified IT/OT security operations are far better positioned to adopt AI and automation safely and at scale.” Industry research supports this view. Manufacturers with secure OT frameworks achieve 25 to 30 per cent higher success rates when deploying AI and autonomous operations, according to the McKinsey & Company report The Future of AI and Automation in Manufacturing. OT security is not just about defence. It can be a strategic capability that underpins operational resilience, regulatory readiness and the next generation of intelligent manufacturing. FEATURE “ Advanced technologies depend on trusted data, reliable connectivity and secure integration across systems” 80
RkJQdWJsaXNoZXIy NzQ1NTk=