TL;DR: Manufacturing IT/OT convergence is widening the attack surface because legacy OT assets, shared accounts, vendor access and poor visibility still block consistent identity control, according to an IDC InfoBrief sponsored by Imprivata. Identity-first governance is now the deciding factor between operational efficiency and a larger blast radius.
NHIMG editorial — based on content published by Imprivata: IT/OT convergence challenges in manufacturing
By the numbers:
- 46% cite security concerns as the #1 issue
- Legacy OT assets are 15+ years old in ~50% of manufacturers, complicating secure integration with IT systems
- Only 30% of manufacturers can deliver real-time data to frontline workers, highlighting integration gaps
Questions worth separating out
Q: How should security teams govern identity in IT/OT convergence projects?
A: Security teams should govern IT/OT convergence as a single identity problem across enterprise systems, plant systems and third-party support.
Q: Why does IT/OT convergence increase identity risk in manufacturing?
A: IT/OT convergence increases identity risk because it connects environments that were never built around the same authentication, authorization or audit model.
Q: What breaks when manufacturers keep shared OT accounts after convergence?
A: Shared OT accounts break accountability first and detection second.
Practitioner guidance
- Map identity boundaries across IT and OT: Document where enterprise credentials, local OT accounts and third-party support identities are used, then flag any system that allows cross-domain reuse without explicit policy.
- Eliminate shared credential dependencies: Replace generic OT logins with named, attributable sessions on shared endpoints wherever production workflows allow.
- Constrain vendor access to task scope: Require time-bound permissions, session recording and vault-based credential release for maintenance partners.
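The three checks above can be run as one audit over an access inventory. The following is an added example, not code from Imprivata or the IDC InfoBrief; the inventory schema, account and system names, and the policy set are constructed assumptions.

```python
from datetime import datetime, timezone

# Constructed sample inventory; field names and values are assumptions for this example.
GRANTS = [
    {"identity": "jdoe", "kind": "named", "system": "erp01", "domain": "IT"},
    {"identity": "jdoe", "kind": "named", "system": "hmi-line3", "domain": "OT"},
    {"identity": "operator", "kind": "shared", "system": "hmi-line3", "domain": "OT"},
    {"identity": "msmith", "kind": "named", "system": "mes01", "domain": "IT"},
    {"identity": "msmith", "kind": "named", "system": "historian", "domain": "OT"},
    {"identity": "acme-support", "kind": "vendor", "system": "plc-gw", "domain": "OT",
     "expires": None, "session_recorded": False, "vault_release": True},
    {"identity": "robofix", "kind": "vendor", "system": "plc-gw", "domain": "OT",
     "expires": "2030-01-01T00:00:00+00:00", "session_recorded": True, "vault_release": True},
]
# Identities with a documented policy permitting use in both domains (assumed).
CROSS_DOMAIN_POLICY = {"msmith"}

def audit(grants, cross_domain_ok, now=None):
    """Return (identity, finding) pairs for the three guidance items."""
    now = now or datetime.now(timezone.utc)
    findings, domains = [], {}
    for g in grants:
        domains.setdefault(g["identity"], set()).add(g["domain"])
    for ident, doms in sorted(domains.items()):
        if len(doms) > 1 and ident not in cross_domain_ok:
            findings.append((ident, "cross-domain reuse without explicit policy"))
    for g in grants:
        if g["kind"] == "shared":
            findings.append((g["identity"], f"shared login on {g['system']}"))
        elif g["kind"] == "vendor":
            exp = g.get("expires")
            if exp is None:
                findings.append((g["identity"], "vendor access not time-bound"))
            elif datetime.fromisoformat(exp) <= now:
                findings.append((g["identity"], "vendor access past expiry"))
            if not g.get("session_recorded"):
                findings.append((g["identity"], "vendor sessions not recorded"))
            if not g.get("vault_release"):
                findings.append((g["identity"], "vendor credential not vault-released"))
    return findings

if __name__ == "__main__":
    for ident, finding in audit(GRANTS, CROSS_DOMAIN_POLICY):
        print(f"{ident}: {finding}")
```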
What's in the full article
Imprivata's full blog covers the operational detail this post intentionally leaves for the source:
- The article’s full breakdown of how identity-driven access controls are applied across shared workstations, vendor support and plant systems.
- The operational examples showing where remote access, centralized policy and session monitoring fit into manufacturing workflows.
- The detailed explanation of how convergence changes compliance, visibility and accountability requirements in practice.
- The vendor’s framing of how its access model is positioned for mission-critical industries.
Explore further
IT/OT convergence turns identity into the shared control plane for manufacturing. The article shows that the old separation between enterprise IT and plant OT no longer matches how work is done. Once production data, remote support and analytics share the same environment, access policy has to be consistent or the weakest identity domain becomes the entry point. The implication is that manufacturing security programmes should treat identity as the connective tissue between uptime and resilience.
A few things that frame the scale:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, 46% confirmed and 26% suspected, according to the 2024 ESG Report: Managing Non-Human Identities.
- Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, which shows how quickly one identity failure can repeat across systems.
A question worth separating out:
Q: Who is accountable when vendor access reaches OT systems through convergence?
A: The manufacturer remains accountable for the access path, even when a vendor performs the work. Governance must define ownership for approval, monitoring, session closure and exception handling, because third-party support does not remove the need for internal control over plant access.