Your Factory Floor Just Joined Your Business Network. Here’s What That Means for Risk.

Published April 1, 2026

A mid-size plastics manufacturer in the Midwest connected their production line PLCs to the corporate network last year. The goal was simple: get real-time production data into their ERP system so operations could make faster decisions. It worked. For about four months. Then ransomware spread from a compromised employee laptop, crossed into the production network, and locked up the HMIs that operators use to monitor and control the molding machines. The plant was down for six days. Not because the machines were broken. Because nobody could see or control what the machines were doing.

That story is not unusual. It is becoming the norm.

The Shift: Connected Floors, Expanded Risk

OT — operational technology — is the collection of systems that physically run your plant. PLCs (programmable logic controllers), HMIs (human-machine interfaces), SCADA systems, sensors, drives. These systems control temperature, pressure, speed, flow. They keep your production lines moving.

IT — information technology — is everything else. Email, ERP, file shares, business applications.

For decades, OT and IT lived in separate worlds. Your factory floor systems ran on proprietary protocols, weren’t connected to the internet, and didn’t talk to your business network. Security wasn’t a major concern because there was no path in.

That separation is disappearing. Manufacturers are connecting OT to IT for good reasons: real-time production visibility, predictive maintenance, quality tracking, supply chain integration. The efficiency gains are real.

But so is the risk. Every connection between your factory floor and your business network is a potential path for an attacker. Your OT systems were never designed to handle that exposure.

Why This Hits Manufacturing Harder

When a law firm gets hit with ransomware, people can’t access files for a while. It’s painful, but nobody’s production line stops.

When a manufacturer’s OT systems go down, the impact is physical and immediate:

Production stops. Depending on your operation, unplanned downtime costs anywhere from $5,000 to $50,000 per hour. For automotive or food production, it can be far more. NIST’s manufacturing cybersecurity guidance emphasizes that connected production environments require security controls proportional to the operational risk they carry.

Product gets scrapped. If a batch process is interrupted mid-cycle — think chemical mixing, heat treatment, extrusion — the in-progress material is often a total loss.

Supply chains cascade. Your customers are counting on deliveries. A week of downtime doesn’t just cost you production. It costs you contracts, relationships, and sometimes penalties.

Recovery is slow. OT systems don’t recover like IT systems. You can’t just reimage a PLC. Many of these devices run legacy firmware, require specialized technicians, and need to be recalibrated after any disruption. A six-day outage on the IT side might mean a two-week recovery on the OT side.

The core problem: OT devices were built for reliability and longevity, not security. Many run outdated operating systems. Many have default passwords that have never been changed. Many can’t be patched without shutting down production. CISA has repeatedly warned that industrial control systems face growing threats from both nation-state actors and criminal ransomware groups. When you connect these systems to your business network, you’re exposing devices with 1990s-era security to 2026-era threats.

What Good Looks Like

You don’t need to disconnect your factory floor from your business network. The efficiency gains of convergence are too significant to walk away from. But you need to converge safely.

Network segmentation. Your OT network and your IT network should be separated by firewalls with strict rules about what traffic can cross between them. If an employee laptop gets compromised, that compromise should not be able to reach your PLCs. This is the single most important step you can take.

OT-aware monitoring. Standard IT security tools don’t understand OT protocols. You need visibility into what’s happening on your industrial network — what devices are communicating, what commands are being sent, what’s changed. Without this, you’re flying blind.

Access control. Who can connect to your OT network? From where? With what credentials? Many plants have wide-open access between zones because it was easier to set up that way. That convenience is a liability.

A managed approach. Most manufacturers don’t have in-house staff who understand both OT security and IT security. These are different disciplines with different tools, different protocols, and different risk tolerances. Trying to handle OT security with an IT-only team leaves gaps. Trying to hire specialized OT security engineers is expensive and competitive.

Four Things You Can Do This Quarter

  1. Map your connections. Document every point where your OT network connects to your IT network or the internet. You can’t protect what you don’t know about. Most plants have more connection points than they think — vendor VPN access, cellular modems on equipment, forgotten Wi-Fi bridges.

  2. Segment your networks. If your PLCs and your email are on the same flat network, fix that first. Even basic segmentation with VLANs and firewall rules dramatically reduces your blast radius.

  3. Audit default credentials. Walk your OT environment and identify devices still running factory-default usernames and passwords. Change them. This is low-hanging fruit that attackers actively exploit.

  4. Get a baseline assessment. Have someone who understands industrial environments assess your current OT security posture. Not a generic IT audit. A review that accounts for the specific risks of connected manufacturing systems.

We Can Help With This

OT/IT convergence security is one of the areas where we work closely with manufacturing clients. If you’re connecting your factory floor to your business network — or already have — and you’re not confident in the security of that connection, we’re happy to walk through your situation. No pressure, no pitch. Just a conversation about where you stand and what makes sense for your operation. Get in touch whenever you’re ready.