In our previous post, Building Cyber Resilience in Industrial Control Systems, we covered how frameworks such as IEC 62443, NIST CSF, and the SANS Top Five provide manufacturers with a solid foundation for cyber resilience. But let’s be honest,  standards don’t implement themselves.

Tools can’t make decisions.

Checklists don’t protect uptime.

It’s people and process that turn standards into results.

Reshoring Is Changing the Game for OT Cybersecurity

The geopolitical climate is accelerating the push to bring manufacturing home. As highlighted in NIST’s “What’s Coming for U.S. Manufacturing in 2025”, the next wave will be driven by automation, AI, and data-driven production. Factories are getting more intelligent, more connected, and more exposed. To make that work safely, you’ll need qualified local resources you can trust.

The OT Skills Gap 

The SANS 2024 State of ICS/OT Cybersecurity Report notes that more than half of today's cybersecurity professionals have less than five years of experience. Meanwhile, reshoring is landing in regional hubs and mid-size towns where talent pools are thinner. The takeaway: you need qualified local resources who understand automation, safety, and uptime.

Find the Right Mix: 24×7 SOC or Fractional OT Support

Not every plant needs the same thing. Some operations require a 24×7 OT Security Operations Center (SOC) for continuous monitoring and incident response. Others need fractional OT security expertise,  a few hours a week or a month to guide governance, risk, and compliance. The key is a flexible model that delivers coverage without headcount you can’t support full-time.

Segmented OT Networks Need Segmented ITSM & Observability

Segmenting OT networks shouldn’t stop at the switch. Your ITSM and observability needs a balance of integration and segmentation, too. That means:

• Dedicated OT service queues and change windows in tools like ServiceNow,  not a separate tool just for OT. 
• Role-based dashboards that distinguish OT events from enterprise noise, but are integrated into existing IT systems. 
• Policies and SLAs tuned for plant realities (no surprise reboots mid-run).  

Your CISO may not know every industrial protocol, but they do understand that technology requires support, accountability, and visibility. Extending ITSM and dashboards into OT brings OT under governance without breaking operations.

Too Many Tools, Not Enough Value

If you’ve read the analyst reports, you’ve seen a long list of “must-have” cyber-physical security tools.  Many companies bought them all and discovered the problem wasn’t technology, it was a lack of skilled people or improper integration. Five dashboards won’t save a shift. You need an operating model that unites people, process, and a curated toolset into one straightforward workflow for detection, response, and reporting.

Practical Cyber Resilience for Real Manufacturers

If you’re a mid-size factory in a medium-sized town, you don’t need enterprise-scale everything. You need practical coverage that helps you see the network, monitor continuously, respond efficiently, and report confidently without breaking the budget.

About Surya Technologies

Surya Technologies helps industrial organizations build resilient, secure operations through managed OT cybersecurity services. Powered by Claroty and integrated with platforms like ServiceNow, along with our local and global SOC teams, Surya brings together visibility, monitoring, and process automation to help manufacturers See. Segment. Secure. Sustain.

References: NIST Manufacturing Innovation Blog (2025) · SANS 2024 State of ICS/OT Cybersecurity Report · Prior post: Building Cyber Resilience in ICS