Podcast: Why IT and OT remain out of sync and how manufacturers can bridge that gap

How can the two converge and operate in less “siloed” ways, especially to ensure cybersecurity? Scott Achelpohl of Smart Industry explores these questions with Almog Apirion, CEO of Cyolo, an OT cybersecurity solution provider, in this episode of Great Question: A Manufacturing Podcast.

Scott Achelpohl

Sept. 23, 2025

4 min read

What you'll learn:

OT is more connected than ever. The old approach of “if it's not reachable, it's not breachable” is dead.
IT and OT cooperation is critical but is sometimes hard to achieve because of misaligned incentives and fear of losing control.
The demand for IoT integration and digital transformation is accelerating IT and OT convergence. But there are several other forces at work.

68d17eb8d5fba749ad1c061a Shutterstock 2301475857gq

A year-by-year Deloitte survey, as recently as 2024, spotlights how out of sync operational technology and information technology—their technologies, their staffs, their processes, their missions—remain at manufacturers.

When there’s so much pressure for companies to modernize, digitally transform, and converge OT and IT, especially when cybersecurity might depend on it, these “silos” are no longer sustainable, profitable or efficient.

This is a multifaceted topic, but it obviously has cybersecurity implications—and we enlisted an OT cybersecurity expert, Almog Apirion, CEO and co-founder of Cyolo, to help break it down on this episode of Great Question: A Manufacturing Podcast with Smart Industry's Scott Achelpohl.

So many companies are under pressure to modernize, digitally transform, and converge their OT and IT people and processes. This connectedness that OT especially is experiencing often opens up plant systems, that haven’t been built to be networked, to a multitude of cyberthreats by the time they ARE connected.

Below is an excerpt from the podcast:

Scott Achelpohl: Why do you think there's so much pressure now on manufacturers to tear down the silos that exist between OT and IT? What are the incentives to do so?

Almog Apirion: So, first of all, OT is more connected than ever. The old approach basically said, “If it's not reachable, it's not breachable.” But that approach is dead.

IT is expected to be a business enabler, not a blocker. So, their practices are now tightly interdependent. When they work together, uptime, safety, and compliance improve—and the business wins. And that’s not even talking about all the future benefits coming from AI.

SA: Even when both IT and OT agree that cooperation is critical, why is it still so hard to make it happen?

AA: I think it’s mainly misaligned incentives and fear of losing control. If you give OT predictable uptime and IT enforceable policy and visibility at the identity and session level, suddenly IT empowers the line of business instead of slowing it—just as an example.

SA: When that alignment does click, what organizational benefits do you see first and foremost, clearly?

AA: It’s better business results at the end of the day—less downtime, lower cyber insurance rates, regulatory alignment, and better productivity. And I think that both security and OT are looking at uptime altogether. The guys from security are looking at the things that can compromise uptime for, you know, security reasons, but they’re serving basically the same need.

SA: OK, Almog, so digital transformation and network operations connected to IoT—IIoT, excuse me—or even legacy plant equipment that must be connected is placing pressure on IT/OT convergence. What other forces are at work here?

AA: You’re absolutely right, Scott. The demand for IoT integration and digital transformation is accelerating IT and OT convergence. But there are several other forces converging at the same time that add to the pressure.

First, there’s the growing demand for operational agility—whether it’s remote troubleshooting, predictive maintenance, real-time analytics, or even modern industrial operation. Operations require fast and flexible access to systems that were historically siloed.

That means, basically, more external vendors, more remote access, and more interconnectivity—often with legacy systems that were never designed with security in mind.

Second, the regulatory pressure. Frameworks like NIS2 in Europe, TSA directives in the U.S., and sector-specific standards like IEC 62443 are pushing organizations to enforce stronger segmentation and access controls, all of which demand tighter coordination between IT and OT teams.

And third, there is a growing cyber risk landscape that we need to address. Threat actors are not waiting for organizations to finish convergence. They’re actively exploiting this transitional phase. So, we’re seeing a clear need for solutions that can bridge this environment securely without requiring a full rip-and-replace approach.

About the Author

Scott Achelpohl

I've come to Smart Industry after stints in business-to-business journalism covering U.S. trucking and transportation for FleetOwner, a sister website and magazine of SI’s at Endeavor Business Media, and branches of the U.S. military for Navy League of the United States. I'm a graduate of the University of Kansas and the William Allen White School of Journalism with many years of media experience inside and outside B2B journalism. I'm a wordsmith by nature, and I edit Smart Industry and report and write all kinds of news and interactive media on the digital transformation of manufacturing.