For years, Operational Technology (OT) security was seen as a secondary concern, a separate universe from the world of IT. But as the lines between these environments blur, so too has the perception of risk.
New research from Rockwell Automation, "The State of Smart Manufacturing Report: Cybersecurity Findings," reveals a fundamental shift: OT security is no longer a niche issue but a core business priority, and manufacturers are rapidly adopting new strategies to meet this challenge.
Drawing on insights from more than 1,500 manufacturing leaders globally, the report highlights that cybersecurity is now the second most serious external risk for manufacturers, trailing only economic conditions. This is a stark change from past years and a clear indication that cyber resilience has become imperative for maintaining operational continuity and competitive advantage.
So, what are the key trends driving this change?
AI adoption is accelerating
In a proactive move to combat the expanding attack surface, security teams are accelerating their adoption of AI and machine learning. The report finds that 61% of cybersecurity and IT professionals plan to adopt these technologies within the next year, a rate that outpaces general manufacturing adoption by 12 percentage points, according to a press release from Rockwell Automation. This indicates a recognition that traditional security tools are insufficient against the sophisticated, human-operated attacks now targeting industrial environments.
Securing IT/OT convergence is a top priority
As the integration between information technology (IT) and operational technology (OT) becomes a reality, securing this converged architecture has become a key priority. Nearly half (48%) of cybersecurity professionals identified this as crucial for achieving positive outcomes over the next five years. The report states that this convergence expands the attack surface, making it essential to create a unified front against threats to both IT and OT assets.
[RELATED: Billions at Stake: The Financial Risks of OT Security]
Cyber readiness is a talent priority
With the increasing complexity of threats, the demand for a cyber-literate workforce is skyrocketing. According to the report, 81% of manufacturing decision-makers place a high or top-tier priority on knowledge of cyber practices and standards. This shift is turning cybersecurity skills from a "nice-to-have" to a foundational requirement for new hires. The report also highlights that manufacturers are investing in training, certifications, and micro-lessons to build in-house expertise and embed secure behavior into the daily workflow.
"The State of Smart Manufacturing report from Rockwell Automation emphasizes the significance of AI/ML in smart manufacturing and recognizes related cybersecurity challenges," said Satish Swargam, Principal Security Consultant at Black Duck. "The disruption of digital transformation in this market sector shows the increasing demand for skilled cybersecurity professionals who are adept in identifying cybersecurity risks and applying mitigation controls to address the challenges AI/ML poses in smart manufacturing."
"Cybersecurity assessments that include AI governance are like brakes that should be perceived as not slowing one down but instead helping to reach one’s destination by avoiding accidents," Swargam added. "There are lots of capabilities that should be considered when employing and maturing the AI/ML strategic programs. AI/ML will be used to improve quality and cybersecurity in the forthcoming months. Since the data will be used in LLMs to streamline operations and enhance decision-making capabilities, Shadow AI will become a major concern in smart manufacturing, as well."
Derek Manky, Chief Security Strategist & Global VP of Threat Intelligence with Fortinet's FortiGuard Labs, breaks down the importance of OT security.
-
"OT cyber threats have evolved dramatically as attackers increasingly target industrial environments with more sophisticated techniques. In fact, our recent Global Threat Landscape Report found that the OT sector remains one of the top targets for attackers.
-
"One of the most significant shifts has been the increasing convergence of IT and OT environments, which expands the attack surface and makes traditional security measures insufficient. Threat actors are capitalizing on this shift by leveraging new attack methods that were previously impractical to use against air gapped OT systems and employing reconnaissance-as-a-service to map out OT networks before deploying malicious payloads.
-
"One of the biggest challenges organizations face in incident response is the upsurge in AI-powered threats that increase the volume and sophistication, making attacks harder to detect and contain. Real-time threat intelligence is essential for detecting and responding to cyber threats before they impact industrial operations. By continuously analyzing threat data, organizations can identify attacker tactics, techniques, and procedures (TTPs) early in the attack lifecycle, allowing for proactive defense.
-
"To make threat intelligence actionable, organizations should:
-
-
"A well-implemented threat intelligence program ensures that security teams not only understand the evolving threat landscape but also have the tools to act on it swiftly and effectively.
-
"The future of security in manufacturing will be driven by technologies that enable faster detection, response, and adaptation to evolving threats. Key trends include:
RELATED: Enida Metaj, Cyber Compliance Lead Auditor at Rockwell Automation, will be speaking at the SecureWorld Detroit conference on September 11, 2025. Her topic is "The Global AI Dilemma: How the EU and U.S. Are Balancing Innovation and Regulation."
