Manufacturing employees are trained for IT, then expected to secure operational technology, which creates problems for cyber defense.
By Keatron Evans, VP of Portfolio Product at Infosec Institute
A cybersecurity professional at a major medical center realized their mismatched training the hard way. They ran a routine port scan, which is standard security protocol on any corporate network. When that scan hit the hospital’s medical imaging equipment, an X-ray machine malfunctioned and nearly burned a patient. The professional wasn’t being careless. They were following their training. The problem? That training was designed for IT systems, not operational technology.
This mismatch isn’t rare. It’s what happens when we apply corporate IT security approaches to connected factory floors. The consequences range from production disruptions to actual safety incidents.
Manufacturing cybersecurity lags 15 to 20 years behind corporate IT security, not because manufacturers are careless, but because the industry evolved differently. While enterprise IT spent decades developing security practices, manufacturers relied on physical isolation. Air-gapped systems didn’t need firewalls or intrusion detection. They just needed to keep running.
I once worked with one of the world’s largest SCADA networks. During my first meeting, they made their priorities clear: “All we care about is uptime.” Millions of gallons of chemicals flow through water treatment systems every day. One minute of malfunction means poisoned water. One hour of production downtime can result in millions of dollars in losses.
This focus on availability made sense for isolated systems. But in traditional security, availability is only one-third of the CIA triad — Confidentiality, Integrity and Availability all matter.
Here’s what changed: the biggest threat to availability is now cyberattacks. In 2024, manufacturing saw a 71% surge in threat actor activity. When ransomware locks up production lines, availability vanishes. The very strategy manufacturers used to protect uptime now threatens it.
The shift happened gradually, then suddenly. IoT sensors appeared on factory floors. Remote access became necessary for maintenance. Supply chain partners needed real-time integration. The air gap evaporated, but the training infrastructure couldn’t keep up.
Here’s the core problem: Manufacturing systems were designed for reliability, not security. Many run on technology so old there’s no way to patch it without replacing entire systems. Traditional cybersecurity training, meanwhile, teaches tools and techniques that assume you can take systems offline and focuses on protecting data rather than understanding operational impact.
This mismatch creates dangerous knowledge gaps. Cybersecurity professionals learn to run port scanners and vulnerability assessments, but applying those same techniques to operational technology can lead to equipment malfunctions or production shutdowns. The training they received simply doesn’t account for the reality they’re securing.
The solution isn’t finding better cybersecurity professionals or better manufacturing engineers. It’s rethinking how we train both groups.
Here’s the shift that makes sense: stop trying to teach factory operations to cybersecurity professionals. Instead, teach security to the people who already understand your manufacturing environment.
Your manufacturing engineers already know the equipment, the processes and the constraints. They can look at a security recommendation and immediately determine whether it would shut down production or compromise a safety system. That operational knowledge is harder to teach than cybersecurity fundamentals.
Manufacturers consistently cite a lack of skilled workers as their biggest competitive challenge, according to Rockwell Automation’s research. But the skills gap isn’t about finding new people. It’s about developing the people you already have.
That’s why training is evolving from generic security courses to OT-specific programs built around real manufacturing scenarios. Instead of theoretical exercises about detecting phishing emails, professionals learn to spot unusual behavior in a programmable logic controller. They practice distinguishing a security incident from an operational issue. They respond to malware on systems that control active production — all in safe lab environments that reflect actual industrial control systems.
The difference is immediate. When someone crashes a simulated production line during training, they understand exactly why that security technique doesn’t work in manufacturing. They learn the consequences before those consequences happen on your factory floor.
Here’s where AI becomes more than just another technology buzzword. It’s compressing the timeline for developing these hybrid skills in ways that weren’t possible even a few years ago.
AI-powered training platforms can look at a mechanical engineer with 15 years on the factory floor and build a completely different learning path than they would for a recent IT graduate. The engineer doesn’t need lessons on how PLCs work; they need security principles applied to the systems they already know. AI adapts to that.
The simulation environments work the same way. Make a mistake? The AI explains why and adjusts the next scenario to reinforce that specific lesson. It’s like having a personal instructor who knows exactly what you need to practice based on your performance so far.
The global cybersecurity workforce gap has reached nearly 4.8 million unfilled roles. Technology won’t close that gap. We need people, and AI can accelerate how quickly those people develop the expertise you need. What used to take years of on-the-job experience can now happen in months through intelligent, adaptive training that meets each person where they are.
Training alone won’t solve the manufacturing industry’s security challenge. You need organizational change, too.
For decades, security was viewed as something that slowed production down. The shift: recognize security as what keeps production running. Frame it through operational priorities: preventing downtime, protecting safety systems, ensuring continuous production. Operations teams stop seeing security as the enemy.
Leadership makes this possible by allocating time for training without penalizing production metrics, investing in OT-specific tools and training, and creating career paths for hybrid roles.
Cross-functional training brings both sides together. Security professionals learn manufacturing realities. Manufacturing professionals learn security principles. Both stop talking past each other.
The urgency is real. According to IBM, the average cost of a data breach in the industrial sector is $5 million. Threat actors aren’t waiting for manufacturers to get their security house in order. But you can’t wait for perfect solutions either. Start with your existing workforce.
Assess current skills across operations and IT teams. Identify high-potential candidates who understand your systems and show aptitude for security thinking. Launch pilot programs where you can learn and iterate. Partner with training providers who actually understand OT security, not just cybersecurity buzzwords. Use AI-powered tools to compress the timeline.
Organizations developing these hybrid skills now aren’t just preventing attacks. They’re building a competitive advantage. When the next attack hits — and it will — they’ll respond effectively while competitors scramble. They’ll be ready as connectivity increases across factory floors. They’ll have the workforce for Industry 4.0.
This is about building the manufacturing workforce of the future, where understanding both production and protection is just how the job works. The question isn’t whether to make this shift. It’s whether you’re going to lead it or get left behind.
The Rise of American Manufacturing: A New Industrial Era
Scott Ellyson, CEO of East West Manufacturing, brings decades of global manufacturing and supply chain leadership to the conversation. In this episode, he shares practical insights on scaling operations, navigating complexity, and building resilient manufacturing networks in an increasingly connected world.
Get In Touch
Google news and SEO compliant, Industry Today’s state-of-the-art digital media platform offers bespoke media campaigns that target key decision makers and buyers to achieve your marketing and promotional goals.
Contribute
Showcase your brand and promote your business to our highly targeted audience. We offer detailed Google Analytics with measurable ROI to assure success. Submit your content for review by our Editorial team who will contact you to discuss the project further.
About Us
Reach Your Targeted Audience and Grow Your Business. Learn more About Industry Today.
Contact Us
© 2026 Industry today. All Rights reserved.
