I speak to a lot of admins in my day-to-day and notice that many feel stressed and unprepared at the moment. They’re stressed due to growing attack vectors and hacker attention, with ransomware actors knowing downtime can equal disaster in manufacturing and subsequently ramping up their efforts.
Similarly, there’s an unshakable air of unpreparedness in plugging known holes – IT and OT still don’t see eye to eye, legacy technology and protocols aren’t always up-to-date and ecosystem visibility isn’t where it needs to be.
The result is that leaders are often firefighting issues as they arise rather than foreseeing them ahead of time. We conducted a survey of 1,200 admins in July and found that two-thirds of organizations remain reactive with indicative or alarm-based alerts.
They want and need to graduate to integrated, intelligent and predictive operations, but the path to automated anomaly detection and better ecosystem oversight requires strategic steps most haven’t mapped out yet.
Let’s consider what this next level of monitoring looks like and how to achieve it.
Why manufacturing’s monitoring gap matters
Several legacy issues are coming to a head in manufacturing and negatively impacting monitoring.
First, digital transformation is forcing machinery designed for isolation into connected environments. Data is increasingly flowing between the factory floor and the enterprise network, despite legacy communication protocols often lacking authentication, encryption and session integrity.
Compounding this challenge, some machinery is so old that know-how is only available on coffee-stained printouts from the ‘90s or tribal knowledge from company veterans, creating a “brain drain” whenever long-serving team members retire.
This issue is further exacerbated by the longstanding division between IT and OT. The two have never worked hand in hand – with the former focusing on data security and network performance and the latter on operational continuity and production efficiency – but traditional boundaries are more blurred than ever. The result? Silos and blind spots that hackers exploit.
Manufacturing ransomware is up almost 50% quarter-on-quarter because bad actors know that poor communication and defenses between IT and OT are their best bet of getting inside. Additionally, they’re aware that unplanned production pauses can cost upwards of $10,000 per hour, which often prompts many leaders to pay to regain access.
The true cost of reactive monitoring
Manufacturing leaders know that time is money and there’s little choice but to evolve, improve their monitoring and protect bottom lines. This is a very real concern as the world’s top companies lose an estimated $1.5 trillion annually to unexpected downtime. But pulling this off is easier said than done.
When asked in our survey about monitoring maturity on a scale of 1 to 5, about 60% classified themselves at level 2 – basic alarm or notification-based monitoring. This means they receive warnings when something’s already happening and hope there’s enough time to respond. It’s a start, sure, but it does nothing to prevent hackers before they’re at the gate and actively penetrating for weaknesses.
Only 10% have reached level 4 with intelligent systems that can predict events and just 3% have achieved level 5 – the holy grail where systems both predict problems and recommend solutions. The vast majority are therefore stuck in reactive mode.
This matters because more proactive network monitoring delivers both security and operational benefits. I saw this at an aerospace manufacturer that used predictive monitoring to oversee its CNC machines, robotic assembly systems and quality control stations with Modbus TCP.
During an evening shift, thanks to recorded baselines that cross-referenced past performance, the system predicted a problem and alerted admins to check a PLC. Ultimately, the PLC was found to be misconfigured in earlier maintenance work, but the investigative heads-up prevented an estimated 24 hours of production downtime.
Or, looking at this another way, the company regained an estimated 24 hours of expected production output.
The path to predictive maintenance and proactive monitoring
In my extensive conversations, admins understand the challenges and see the benefits of maturing their monitoring. However, they aren’t always sure of how or where to begin.
I find that different approaches work for different companies, but three paths consistently deliver results:
- Cross-team collaboration: Bridge the divide and get IT working with production and controls engineers to understand OT network designs and connected equipment. Documentation gaps become the biggest hurdle here since most of these networks grew organically over decades with barely any formal records. Creating that foundation becomes a joint effort that breaks down silos and encourages teamwork.
- Security-driven integration: In other cases, the push for closer integration comes from cybersecurity teams who recognize they need to oversee both worlds to secure them effectively. The main challenge here is that IT and OT often lack a clear understanding of each other’s needs, and they’re also dealing with completely different communication methods. This makes it tough to achieve the single pane of glass view that everyone wants, though unified monitoring platforms can help translate between different protocol languages across the aisle.
- Dedicated OT networking teams: The third approach involves companies creating specialized OT network teams. These professionals not only operate and monitor but also strategize industrial operations from a networking perspective. It’s the most comprehensive solution because these teams bring IT backgrounds, understanding the deterministic network requirements of industrial automation while keeping security top of mind.
Whichever path manufacturing decision-makers choose is a step in the right direction. Why? Because this evolution is just as much about future-proofing as it is about moving away from firefighting.
Admins are more often tasked to do more with less while facing off attackers with smarter tools. Manufacturing, too, must get smarter and take every opportunity to catch problems before they turn into disasters.
Mature, predictive and more autonomous monitoring is how we turn network stress and unpreparedness into an ever-ready posture.
David Montoya is the global IoT business development manager for monitoring vendor Paessler GmbH. Montoya is responsible for driving growth in the IoT market and supporting Paessler’s customers and prospects in the manufacturing sector to be prepared for the IT/OT convergence gap. Montoya works with industry leaders to support better interoperability and visibility of machine data, as well as data center supervision, while increasing the scope of technologies with visualization and historical reporting.