The myth that IT/OT convergence is an effective strategy for manufacturing management is widespread throughout the automation industry. This misconception gained popularity over the last twenty years as Factory Floor systems increasingly deployed Ethernet technology. Given that IT systems inherently rely on Ethernet, a fundamentally flawed idea took root: the merging of the two organizations.

This article debunks the myth of IT/OT convergence as an effective manufacturing strategy and explains why IT and OT should be prioritizing cooperation rather than convergence to protect both operational safety and business continuity.

“Two peoples divided by a common technology”

The George Bernard Shaw phrase describing America and England as “two nations divided by a common language” can be restated to describe how IT and OT are two organizations divided by a common technology. Both organizations use Ethernet but operate it differently.
Additionally, the priorities of the organizations are different. Enterprise IT prioritizes confidentiality, integrity and availability. OT prioritizes availability, integrity and confidentiality. Where downtime is often a nuisance in enterprise IT systems, downtime is critical and costly in a factory floor OT system. It is not uncommon for downtime costs to reach a million dollars per hour in critical factory floor systems.

IT and OT systems are different

Enterprise IT systems can be characterized as an unknown number of users every day, using an unknown number of applications connecting to various and unknown URLs on the Internet, executing applications and downloading unknown numbers and types of files. That creates a very challenging environment for Enterprise IT security specialists. It can be further characterized by a distinct separation between the enterprise network and the user applications. The enterprise network can exist without the user applications. User applications can often exist without a network connection.

Cybersecurity threats in this environment include malware, phishing, ransomware and other threats leading to data breaches, financial losses, and disruptions of services.

Factory floor OT systems can be characterized by having a fixed number of users, using a fixed and well-known number of applications, and connecting to a fixed and well-known number of devices of known type and manufacture.

The factory network, combined with a control application, forms a production system. Neither the network or the control application can exist without the other. While cybersecurity threats to factory floor systems can also include data theft, sabotage and intentional or unintentional data leaks from insiders possessing legitimate access, the consequences of failure are fundamentally different.

An IT security breach may result in financial loss or data theft. An OT security failure can kill people. When a safety system gets compromised, when a pressure vessel’s controls are manipulated, when emergency shutdown systems are disabled – workers die. Equipment worth millions can be destroyed in seconds.

Every security decision in OT must be evaluated through this lens: will this change increase the risk to human life or catastrophic equipment failure?”
The number one threat to factory floor systems is the enterprise IT network. There are very limited opportunities for an attacker to reach an OT control network from anywhere but the enterprise IT network.

This isn’t hyperbole – a Fortinet study found that 75% of OT organizations experienced at least one intrusion in the past year, while Rockwell Automation’s ‘Anatomy of 100+ Cybersecurity Incidents in Industrial Operations’ found that 80% of OT attacks pivot from IT networks.

IT/OT convergence makes this problem worse

This converged threat is compounded when enterprise IT attempts to impose its policies without understanding OT requirements. Restrictive IT policies applied to OT environments directly cause shadow IT in manufacturing: operators forced to choose between following policy and keeping production running creating workarounds that bypass security controls entirely.

Combining two organizations with different goals, applications, and operating philosophies is akin to merging basketball and football teams. Both want to win games, but what’s important to them and how they move a ball around a playing field is completely different.

Personnel from each organization are skilled in the application of Ethernet, but the particular methods they use to meet their organization’s objectives are different: how they solve problems, the training they need and the focus they have and the tools they use are all different.

This is nowhere more apparent than in the choice of cybersecurity tools. IT cybersecurity tools are designed for flat networks and focus on ransomware, malware, phishing, social engineering, insider threats, data breaches, DDoS attacks, supply chain attacks, third-party exposure, and vulnerabilities in cloud and IoT devices. OT networks require no such complicated cybersecurity tools. In fact, many enterprise IT cybersecurity tools are all but useless in OT systems with five, six or even seven hierarchical layers of switches.

OT threats are principally from the enterprise IT network. OT cybersecurity requires a fundamentally different approach, as the users, applications, devices and messages never vary. This predictability enables deny-by-default systems, such as the Dynics ICS Defender (https://dynics.com/cybersecurity/ics360defender/), which explicitly define allowed communications and block everything else.

The key distinction is that effective OT security tools are designed for deterministic environments with known users, applications and traffic patterns – not the unpredictable chaos of enterprise networks. Yet most vendors still push rebranded IT solutions.Cooperation not convergence is needed

Over the past two decades, boosters have cited the widespread adoption of Ethernet and TCP/IP on the plant floor as proof that a full-scale amalgamation of IT and OT is both inevitable and beneficial. The logic is seductively simple: shared protocols imply shared management. Yet protocols alone cannot erase the profound differences in mission, lifecycle, and risk posture that separate corporate networks from production lines.
Unfortunately, the reality is less a seamless fusion and more akin to forcing a cat and a Roomba to cooperate simply because they both occupy the floor. Treating them as a single domain threatens both cybersecurity and operational resilience.

Instead of that full-scale amalgamation of IT and OT, a forward‑leaning alternative is required: disciplined cooperation. Unfortunately, this is often not the case. The enterprise IT organization often imposes requirements that hinder the OT organization from achieving its goals of availability, integrity and confidentiality, failing to recognize that overly restrictive policies drive the very shadow IT behaviors they seek to prevent.

The mission of OT must be respected. The OT organization must have the authority to choose the architecture, equipment and tools that meet the particular requirements of the production systems they operate and maintain.

However, with this authority comes responsibility. When IT defines specific data requirements from production systems, OT must be prepared to deliver. Meeting these requirements means establishing clear levels of service – defining what the network can reliably provide and committing to those specifications.

This requires OT organizations to have the expertise and tools to implement network architectures that satisfy both production needs and agreed-upon service expectations.

By embracing boundary‑respecting cooperation, shared vernaculars, and mutual commitments to defined service levels, organizations can harvest the agility they crave without sacrificing the deterministic performance and safety their factories demand.

John Rinaldi, Chief Strategist, Real Time Automation; and River Caudle, Chief Strategy Officer, River Risk Partners.