All News & Insights

Manufacturers can follow strategic steps to build resilience across IT and OT environments while advancing their business objectives.  

TAKEAWAYS:
● Manufacturers must engineer resilience through secure-by-design, standards-based architectures that future-proof operations against connectivity failures.
● Edge AI ensures operational continuity by eliminating cloud dependency and preserving real-time decision support during disruptions.
● Lasting cyber resilience requires commitment from IT and OT teams to collaborate and maximize risk reduction.   

In today’s rapidly evolving business landscape, manufacturers must accelerate digital adoption to maintain a competitive edge. Embracing advanced technologies drives measurable value by minimizing waste, maximizing uptime, and reducing labor costs. This is achieved through the continuous flow of data across the manufacturing stack, accelerating performance, and unlocking new operational efficiencies. However, increased connectivity between systems introduces increased—and often insufficiently quantified—cybersecurity risk. While manufacturers have always managed threats such as physical access control, and even natural disasters, accelerated digital adoption now exposes operations to more frequent and sophisticated cyber threats than ever before. As these risks intensify each year, the imperative for manufacturers remains urgent and clear: innovate and grow, or lose ground to the competition.

The resulting reality for manufacturers is a conundrum: ambitions to scale and improve operations can appear at odds with security goals to safeguard assets and data and to maintain control. However, manufacturers can balance these objectives by adopting a secure-by-design, standards-based architecture that delivers resilience against cyber and operational disruptions while allowing for seamless connectivity. Because there is no one universal architecture, manufacturing leaders must assess the unique risks connectivity poses to their operations and ensure targeted redundancy planning in the event of disruption. Ultimately, the critical question every manufacturing executive must answer is: can your operations continue when systems go down?

This article outlines the first steps leaders should take to build resilience across IT and OT environments while advancing their business objectives.

First: Business Continuity Planning for Connected Operations

Determining the specifications for the right secure-by-design architecture for your connected operation begins with a business impact analysis (BIA). A BIA analyzes operational functions and the potential effects of a disruption without interrupting or modifying any systems. Mapping assets, systems, and processes into a plant hierarchy helps leaders understand which disruptions would have the greatest operational impact. A separate cybersecurity risk assessment then evaluates threats, vulnerabilities, exploitability, and existing controls for the most critical functions and zones.

During a BIA, leaders must continually ask which parts of the operation are production-critical; that is, which areas must be made resilient to connectivity failure through segmentation and/or redundancy? This analysis provides a clear picture of each asset’s criticality, how failures propagate, and whether existing controls already mitigate the risk. When performed correctly, a BIA will establish the foundation for an architecture tailored to your operations, helping your organization avoid settling for a one-size-fits-all solution that demands costly process changes to function.

Then: Explore Edge AI Architecture for True Resilience

Organizations use BIAs to identify business-critical systems that must remain resilient during disruptions. This drives interest in edge-based intelligence, which, when explicitly designed and governed, can sustain monitoring, control, and safe shutdown functions even when cloud connectivity or other dependent systems are unavailable. By enabling AI at the edge, organizations can shield the “brain” of their operations from disconnection and protect against downtime. This resilience stems from the ability to run AI on-premises. While most AI tools today—especially generative AI—operate in the cloud and can be powerful solutions for tasks like reporting, they are not resilient enough for production-critical tasks because they depend on stable connectivity, external vendors, and infrastructure. Consequently, a failed cloud connection severs the intelligence governing operations.

Unlike larger, general cloud-based AI models, tailored small language models (SLMs) can run directly on industrial PCs, edge gateways, and controllers. This ensures that key decision-support capabilities remain available even without cloud access. Furthermore, SLMs can be tuned more precisely than larger, more general models, allowing them to specialize in specific tasks and provide more efficient real-time troubleshooting and decision support.

“A separate cybersecurity risk assessment then evaluates threats, vulnerabilities, exploitability, and existing controls for the most critical functions and zones.”

Consider this hypothetical scenario: a manufacturing operation, responsible for a significant share of global supply, experiences a connection outage due to an outdated architecture. Because of the nature of its production, any lapse in connectivity, operator visibility, control, or remote support triggers the dumping of all product for safety reasons—an extremely costly and environmentally impactful emergency measure. However, if edge-based intelligence were enabled, it could continue to guide operators by interpreting alarms, troubleshooting issues, and explaining failure modes and safe shutdown or recovery procedures, potentially averting unnecessary product loss.

The challenge with AI lies in selecting the right platform from the many available. Because most AI vendors are cloud-first and lack a deep understanding of industrial edge environments, carefully selecting a partner with operating experience at the edge is the best way to achieve a solution that supports the specific requirements of your operation.

Don’t Forget: Build a Culture of Cyber Resilience

For new approaches to succeed, they must be adopted and sustained by your employees and organizational culture. Leaders can guide their organization’s culture to evolve alongside new technologies by fostering a security-first mindset, treating security as a continuous practice rather than a one-time milestone. Teams should also shift away from a traditional ROI mindset—where investments are justified by direct financial return—and instead prioritize risk, making year-over-year investments to reduce the likelihood and impact of disruptions.

Much of this cultural shift centers on IT and OT teams, which traditionally have had divergent priorities: confidentiality and integrity (CIA) versus safety and availability (SAIC), respectively. True resilience lies at the intersection of IT and OT domains; resilience can only be achieved when these teams collaborate on architecture decisions, risk assessments, incident response planning, and governance. This achievement is a shared responsibility.

Step by Step: What Leaders Can Do Now

Figure 1: Steps Leaders Can Take Toward Resilience

Building resilience is not a one-time initiative but an ongoing commitment (Figure 1). It requires a secure-by-design architecture, edge-ready intelligence, and a culture that treats cybersecurity as foundational to operational excellence. As connectivity deepens and threats evolve, leaders who invest in continuity planning, adopt technologies purpose‑built for the industrial edge, and unite IT and OT teams around shared responsibility will position their organizations for success. Resilience is no longer achievable through a default defense posture. Manufacturers can only confidently operate, grow sustainably, and field emerging threats in an increasingly connected world through bold innovation and strategic thinking.  M

About the authors:

Chris Hamilton is a Digital Consulting Sr. Manager & Cybersecurity Platform Lead at Rockwell Automation Digital.

Will Rosengarten is the Data Strategy & Architecture Lead at Rockwell Automation Digital.