Bridging IT, OT to Safeguard Smart Factories Operations

The integration of information technology (IT) and operational technology (OT) is the engine of Industry 4.0. However, this convergence has exposed smart factories to a rapidly escalating landscape of cyber threats. Many attacks no longer seek only to steal data but to physically paralyze operations, making unified cybersecurity a strategic imperative for business continuity and market survival.

“IT and OT teams are not adversaries; they are collaborators,” says Cateryn Farfán, Founder, WoSEC Mexico, during the Mexico Cybersecurity Summit 2025.

The drive for efficiency, predictive maintenance, and agility has left security behind in many cases. This gap between technological implementation and security maturity is the core of many modern risks, according to Dragos’s 2025 OT Cybersecurity Report. 

The challenge lies in the intrinsic differences between IT and OT. IT focuses on data management, prioritizing the CIA triad: confidentiality, integrity, and availability. It operates with equipment lifecycles of three to five years and a culture of constant updating. In contrast, the OT domain controls physical processes, prioritizing availability, integrity, and confidentiality to ensure human safety and uninterrupted production. Its systems have lifecycles of over 15 to 20 years. Any change, such as applying a patch, is a high-risk operation that may require a production stoppage. “OT has been neglected for many years. A key question: can IT and OT worlds unite?” asks Emilio Mena, Global Cybersecurity CSIRT Manager, Nemak.

Industry 4.0 has forced the union of both worlds. Technologies like the Industrial Internet of Things (IIoT) and AI depend on a seamless flow of data from machinery on the plant floor (OT) to enterprise resource planning systems (IT). The benefits are undeniable, including the ability to predict equipment failures, optimize the supply chain in real time, and accelerate innovation. According to a report from Grand View Research, the global smart factory market is projected to reach US$272.6 billion by 2030. By connecting previously isolated OT systems to IT networks, organizations have inadvertently created a new and massive attack surface. “We are in a machine-to-machine era, with the AI boom now intersecting with robotics,” says Farfán.

Risks are only escalating. In 2024, ransomware incidents targeting industrial organizations increased by 87% compared to the previous year, with the manufacturing sector accounting for 69% of the attacks, reports Dragos. 

While the average cost of an IT data breach is US$4.88 million, according to IBM's Cost of a Data Breach Report 2024, a single hour of unplanned downtime at a large automotive plant can cost up to US$2.3 million. “Indicators matter: if controls and information are insufficient, operations could stop,” says José Luis Cisneros, Corporate Director of IT, Grupo Pochteca. 

Overcoming this challenge requires addressing three fundamental obstacles: the cultural gap between IT and OT teams, the technical debt of legacy systems, and a persistent governance gap. “Cultural gaps exist; awareness of cybersecurity is still limited. Education and communication are essential,” says Cisneros. 

While CISO oversight of OT is now a standard practice, the focus in 2025 has shifted from responsibility to maturity. The 2025 State of Operational Technology and Cybersecurity Report reveals that while over 80% of CISOs oversee OT, only 35% of organizations report having a mature, fully integrated IT/OT security operations model. “My focus is on creating synergy between IT and OT, establishing a common language, and preventing past mistakes,” says Jorge López, CISO, Grupo Bachoco. “Security should not be treated as just a cost or a potential ROI metric—it is operationally essential.”

To bridge gaps, leading organizations are anchoring their strategies in proven frameworks. The SANS 2024 ICS/OT Cybersecurity Survey shows that 65% of industrial firms have begun actively aligning with NIST CSF 2.0, with a primary focus on implementing the "Govern" function to create a unified risk management strategy. “We need adaptable frameworks (‘Frankenstein sets’) to accommodate diverse interests. Challenges can be overcome using digital tools; technology can drive enormous change,” says Farfán. 

AI is helping enhance predictive defense in OT. Its primary use case has matured beyond simple anomaly detection to asset discovery and management, which is critical for handling the explosion of connected devices. “AI can be both an ally and a threat; it is critical to implement positively,” says Óscar Colin, Global Cybersecurity Leader, Siemens Mexico, Central America, and the Caribbean. “OT data traffic is usually predictable; anomaly detection and machine learning help identify risks. Tools exist to analyze traffic, detect spikes, and evolve intelligence.”

Finally, the regulatory environment is driving board-level accountability. Deloitte NIS2's first-year impact report shows that regulators are focusing heavily on supply chain risk management and executive-level oversight. “Leadership in security starts at the top, and general management plays the key role,” says Cisneros.