UK’s trusted IT infrastructure partner since 2003
sales@servnetuk.com
0800 987 4111
Servnet
ConfiguratorGet in Touch
Industry · Manufacturing · OT

Manufacturing OT/IT convergence: a UK practitioner's view

Servnet Editorial · Manufacturing Practice9 min read

UK manufacturing IT/OT convergence has been talked about for a decade. In 2026, NIS2 + IEC 62443 + targeted ransomware attacks have made it operationally urgent. This is the practitioner's view from Servnet engagements with UK automotive, aerospace, F&B, pharma, and chemicals customers.

IT/OT convergence — Purdue layered stack
5L5 · EnterpriseERP · cloud · M3654L4 · Business / MESMES · LIMS · BI3L3 · Site opsHistorian · OPC UA · OT firewall2L2 · SCADA / HMIPLC supervision1L1 · Control · L0 · FieldPLC · sensors · actuators

The IT/OT divide and why it matters

IT — office network, email, ERP, CRM, file shares. Refresh every 3-5 years. Patched monthly. Microsoft + Linux dominant.

OT — PLCs, HMIs, SCADA, MES, historian. Refresh every 10-20 years. Patched annually or never. Siemens, Rockwell, Schneider, ABB dominant.

The divide existed because OT couldn't tolerate IT-style patch cycles. But in 2026 the air-gap is gone — OT needs internet for remote support, analytics, and predictive maintenance.

The Purdue model in 2026

Level 0-1 — Process (sensors, actuators).

Level 2 — Control (PLCs, HMIs).

Level 3 — Operations + manufacturing execution (MES, historian, SCADA).

Level 3.5 — DMZ between OT + IT.

Level 4 — Enterprise IT (ERP, CRM, business systems).

Level 5 — Cloud + internet.

2026 reality: strict layer separation is increasingly impractical. Modern OT security focuses on monitoring + segmentation + identity-aware control rather than air gap.

The practical 2026 stack

OT asset discovery — Claroty / Nozomi Networks / Dragos for passive monitoring + asset inventory.

Network segmentation — Fortinet FortiGate or Palo Alto NGFW enforcing IEC 62443 zone/conduit.

PAM for engineering access — CyberArk or BeyondTrust hardened jump server for OEM remote vendor access.

OT-aware SIEM — Microsoft Sentinel or Splunk with ICS protocol parsing (Modbus, DNP3, IEC 61850, OPC-UA).

24/7 monitoring — co-managed or fully-managed MDR with OT-aware threat hunting.

IT/OT DMZ — segmentation reference
TLSIT zoneM365, ERPOT firewallInspectionIT/OT DMZHistorian, jumpOT zoneSCADA, PLC

Common UK manufacturer gaps

"We don't have OT cyber issues because we're air-gapped" — almost always wrong. Engineering laptops move between OT + IT. Vendor remote access uses dial-up modems still in production.

OT asset register is a 10-year-old spreadsheet — actual count typically 20-40% higher than recorded.

No incident response plan for OT — IT IR plans don't cover production stoppage.

IT/OT shared credentials — shared admin accounts across plant + corporate.

What Servnet does

Servnet supports UK manufacturers across automotive, aerospace, F&B, pharma + chemicals. Engagement: 1) OT asset discovery + segmentation gap analysis, 2) IEC 62443 + NIS2 alignment, 3) deployment of identified controls, 4) ongoing managed OT + IT cyber.

Key takeaways
  • IT/OT air-gap is gone — modern OT needs internet for support + analytics.
  • Purdue model still relevant but strict layer separation increasingly impractical.
  • Practical stack: OT asset discovery (Claroty/Nozomi/Dragos) + segmentation + PAM + OT-aware SIEM + 24/7 MDR.
  • Common gaps: stale OT asset register, "air-gap" illusion, no OT incident response plan, shared credentials.
  • NIS2 + IEC 62443 are the regulatory drivers for UK manufacturers in 2026.
Frequently asked

FAQs — Manufacturing OT/IT convergence

OT cyber

Do you understand IEC 62443?

Yes — Servnet engineers have IEC 62443 + IEC 61850 + IEC 60870 protocol experience for UK manufacturers + utilities. Most engagements start with OT asset discovery + zone/conduit segmentation design.

Related

Got a question this article didn't answer?

One conversation with an engineer who's done this before. No sales script.

Talk to Servnet →