



India’s manufacturing sector is undergoing a digital transformation at an unprecedented pace. Smart factories, Industry 4.0 initiatives, and government programs like Make in India and PLI schemes are driving deep integration between Operational Technology (OT) and Information Technology (IT) networks. But this convergence opens a new and dangerous attack surface, one that most enterprise security teams are unprepared for.
Cybercriminals and nation-state actors have noticed. Attacks on industrial control systems (ICS), SCADA environments, and manufacturing execution systems (MES) have increased significantly across Asia-Pacific, with Indian facilities increasingly in the crosshairs. The consequences are no longer theoretical: production halts, ransomware targeting PLCs, and data theft from engineering systems are live threats today.
Traditionally, OT networks — the systems that run machinery, sensors, and industrial processes — were physically isolated (“air-gapped”) from corporate IT networks. That isolation was itself a security control. As factories connect production floors to ERP systems, cloud dashboards, and remote monitoring platforms, that wall disappears.
The result is a hybrid environment with fundamentally different security requirements on each side:
When IT threats reach OT environments, the playbook breaks down entirely. Standard endpoint detection agents cannot run on PLCs. Standard patch cycles are impossible. And the blast radius of a successful attack — a production line shutdown, a safety system compromise — is orders of magnitude more severe than a typical IT breach.
Several threat patterns are actively targeting Indian industrial environments:
Ransomware operators increasingly use IT network access as a pivot point to reach OT systems. Once inside the corporate network, threat actors move laterally — targeting historian servers, SCADA interfaces, and engineering workstations. Even if the ransomware cannot encrypt the PLC itself, it can encrypt the Windows-based HMI that operators use to control it, effectively shutting down production.
Industrial vendors, integrators, and OEM support teams routinely require remote access to production systems for maintenance. This remote access — often via poorly secured VPN tunnels or even direct RDP — has become a favoured entry point. Attackers compromise the vendor first, then use legitimate credentials to reach the industrial environment.
Advanced persistent threat (APT) groups — particularly those with state backing — target Indian manufacturers for engineering drawings, product specifications, and process recipes. Sectors including defence, aerospace, pharmaceuticals, and semiconductors are high-value targets. The objective is not disruption but long-term, quiet exfiltration.
Unencrypted industrial protocols like Modbus TCP and older PROFINET implementations can be eavesdropped or injected with malicious commands by any attacker with network access. With IT/OT convergence, what was once inaccessible from the internet is now reachable from a compromised laptop on the corporate Wi-Fi.
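A defensive check for the exposure described above, as an added example that is not part of the original article: it parses Modbus TCP requests seen on port 502 and flags write commands from any source outside an allowlist. The IP addresses, the allowlist and the sample frames are constructed assumptions.

```python
import struct

# Modbus function codes that change device state (Modbus application protocol).
WRITE_FUNCTIONS = {
    5: "Write Single Coil", 6: "Write Single Register",
    15: "Write Multiple Coils", 16: "Write Multiple Registers",
    22: "Mask Write Register", 23: "Read/Write Multiple Registers",
}
# Assumption: only these hosts (engineering workstation, SCADA server) may write to PLCs.
AUTHORIZED_WRITERS = {"10.10.2.5", "10.10.2.6"}


def parse_modbus_tcp(payload: bytes):
    """Parse one Modbus TCP request; return None if it is not a valid frame."""
    if len(payload) < 8:  # 7-byte MBAP header + 1-byte function code
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is always 0 for Modbus; length counts the unit id plus the PDU.
    if proto != 0 or length != len(payload) - 6:
        return None
    func = payload[7]
    addr = None
    if func in (5, 6, 15, 16, 22) and len(payload) >= 10:
        addr = struct.unpack(">H", payload[8:10])[0]  # target coil/register address
    return {"tid": tid, "unit": unit, "func": func, "addr": addr}


def find_unauthorized_writes(flows):
    """flows: iterable of (src_ip, dst_ip, tcp_payload) for requests to TCP port 502."""
    alerts = []
    for src, dst, payload in flows:
        frame = parse_modbus_tcp(payload)
        if frame is None:
            alerts.append((src, dst, "malformed Modbus frame"))
        elif frame["func"] in WRITE_FUNCTIONS and src not in AUTHORIZED_WRITERS:
            name = WRITE_FUNCTIONS[frame["func"]]
            alerts.append((src, dst, f"{name} addr={frame['addr']} unit={frame['unit']}"))
    return alerts


# Constructed sample traffic (not captured from a real network).
SAMPLE_FLOWS = [
    ("10.10.2.5", "10.20.0.11", bytes.fromhex("000100000006010300000002")),      # read
    ("10.10.2.5", "10.20.0.11", bytes.fromhex("000200000006010600100064")),      # allowed write
    ("192.168.50.23", "10.20.0.11", bytes.fromhex("0003000000060105000aff00")),  # laptop write
]
```

Because Modbus TCP carries no authentication field, the source address is the only identity available in the frame, so this check is only meaningful behind a boundary that prevents address spoofing between zones.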
The good news: securing converged environments is achievable with the right architecture. Here is a proven framework that PJ Networks recommends and deploys for Indian manufacturing clients.
The Purdue Enterprise Reference Architecture (PERA) defines network zones from the corporate layer (Levels 4–5) down to the field device layer (Levels 0–1). A properly configured FortiGate Next-Generation Firewall at the IT/OT boundary enforces:
Replace legacy VPN-based remote access with FortiGate ZTNA. Under ZTNA, every remote session is verified against identity, device posture, and time-of-access policies — before any connection is granted. Vendor engineers get access only to the specific machines they need, only during approved maintenance windows.
Key benefit: Even if a vendor’s laptop is compromised, the attacker cannot move laterally beyond the specific asset the vendor was permitted to access.
Standard SIEM tools are IT-centric — they do not understand industrial protocols or OT device behaviour baselines. An effective OT security programme requires:
Many OT devices simply cannot be patched without a production window that occurs quarterly or annually. A compensating controls strategy is essential:
Indian manufacturers must now factor two major regulatory frameworks into their OT security posture:
The CERT-In directive requires reporting of cyber incidents — including ransomware attacks and unauthorised access — within six hours of detection. For OT environments, this creates a specific challenge: detection capability must be in place before an incident occurs. Manufacturers relying on operators to “notice something wrong” will miss the six-hour window. A 24/7 managed SOC with OT visibility is the only reliable way to meet this requirement.
The Digital Personal Data Protection (DPDP) Act applies when OT systems process personal data — for example, employee biometric access systems integrated with production floor entry, or customer-linked order management systems connected to manufacturing execution. Conduct a data mapping exercise to identify personal data flows into and through OT-adjacent systems, and apply appropriate access controls and logging.
How do you know if your OT security programme is working? Track these indicators:
In our experience deploying OT security programmes for Indian industrial clients, these are the most frequent pitfalls:
PJ Networks brings deep Fortinet expertise and a proven OT/IT convergence security methodology to Indian manufacturers. Our managed security service for industrial environments includes:
We work with manufacturers across automotive, pharmaceuticals, chemicals, food processing, and electronics sectors — helping them mature their OT security posture without disrupting production.
If you are starting from scratch, a pragmatic 90-day roadmap looks like this:
OT/IT convergence is not slowing down — if anything, the pace is accelerating as Indian manufacturers chase digital transformation goals. The security gap this creates is real, measurable, and actively exploited. But with the right architecture — anchored by FortiGate NGFW at the IT/OT boundary, ZTNA for remote access, and a 24/7 SOC with OT visibility — Indian manufacturers can move fast without creating the kind of exposure that ends careers and halts production lines.
The question is not whether to secure your converged OT/IT environment — it is whether you will do it before or after an incident forces the issue.
PJ Networks helps Indian manufacturers build and operate mature OT security programmes. Contact us to schedule an OT risk assessment or to discuss a managed security engagement tailored to your production environment.