Powering IT / OT Cybersecurity for Manufacturing in the AI Era

Authors

Cisco

• Thomas Hopfgartner, EMEA IIoT Manufacturing Lead

Splunk

• Ewald Munz, Head of Manufacturing, Automotive and Sustainability EMEA
• Sahil Gupta, EMEA Partner Technical Manager AWS

AWS

• Samuel AbiDyer, Partner Development Manager Cisco/Splunk
• Rajesh Gomatam, Principal Solutions Architect, AWS Industry and Partner Solutions CoE

New Horizons for Manufacturing with Industrial AI

Industrial AI opens up new horizons for the manufacturing industry and will shape the industrial value creation of the future. It combines GenAI and AI agents with robotics, IoT, digital twins, and advanced analytics to make industrial processes self-learning, efficient, and resilient. Especially in production-related environments, AI is considered key to productivity, competitiveness, and innovation.

As of today, AI adoption in many industrial operations is already established and broad, beyond the pilot phases. For most organizations, AI adoption begins with productivity and cost-efficiency use cases such as automated quality inspection and energy management optimization – establishing a practical foundation for broader transformation over time according to Cisco’s 2026 State of Industrial AI Report and Bitkom, highlighting real-life, Industrial AI case studies in Germany.

However, as a new trend, AI adoption moves from efficiency to resilience. Two out of three organizations plan to expand AI into resilience-focused use cases.

More advanced adopters are more likely to associate AI with resilience, safety, and long-term operational improvement, indicating a shift from tactical efficiency toward strategic value creation. New technologies such as robotics/Physical AI will be a game changer for manufacturing.

The number of humanoids alone is expected to grow from
30M in 2030 to 650M in 2050. This is 22x within 20 years.

— Dr. Adrian Reisch, Partner Ernst & Young

The IT/OT Cybersecurity Imperative: An Inevitable Consequence of AI Adoption

The era of AI in manufacturing is here, but its success depends on unified, smart and scalable IT/OT cybersecurity. As factories integrate Industrial AI to drive efficiency and resilience, the traditional barrier between Information Technology (IT) and Operational Technology (OT) is dissolving. While this convergence unlocks massive potential, it also introduces significant security and operational challenges.

How do you secure a factory floor that is increasingly connected to the cloud? How do you ensure that your data is not just collected, but actionable? How do you ensure NIS2 compliance and alike in this context?

Not surprisingly, Cybersecurity is now the #1 obstacle to further AI adoption, raising the stakes how industrial environments are being protected according to Cisco’s 2026 State of Industrial AI Report.

“Expanding AI adoption elevates cybersecurity risks across industrial environments.”
— Cisco 2026 State of Industrial AI Report

At the same time, participants of this survey cite cybersecurity as both the #1 barrier and the #1 asset: 85% expect AI to improve their cybersecurity posture. While security gaps are limiting AI scale today, organizations view AI as a tool to strengthen detection, monitoring, and resilience.

A Unified, Smart and Scalable Approach with Cisco, Splunk, and AWS

Cisco, Splunk, and AWS are joining forces to provide a unified, smart, and scalable security framework for the modern manufacturer as follows:

• Cisco AI Ready Network - The Foundational Infrastructure

  A high-performance, secure foundation built for the massive data demands of AI. Providing the deterministic connectivity required to transform your factory floor into a smarter, faster, and more competitive operation.

• Cisco OT Security - The 1st Step of Visibility

  At the heart of this architecture is Cisco Cyber Vision. It provides deep packet inspection and asset discovery within the industrial network, turning raw OT traffic into meaningful insights without disrupting production.

• Splunk Agentic IT/OT SOC - The Unifying Intelligence Layer

  Once Cisco Cyber Vision identifies your assets and potential anomalies, Splunk ingests these data sources and leverages a unified IT/OT agentic SOC with advanced security analytics, orchestration and automation.

• AWS Cloud - The Scalable Engine

  To fuel AI-driven manufacturing, you need massive computational power and storage. AWS provides the cloud-native infrastructure to scale these insights, enabling advanced AI/ML models to run on your manufacturing data, whether it’s predictive maintenance or process optimization. In addition, the scalable infrastructure helps you inherit compliance through AWS's own 143 security standards and compliance certifications.

Cisco AI Ready Network - The Foundational Infrastructure

Cisco with its capability to serve a Seamless, Secure, End-To-End networking experience is capable of powering the AI era for manufacturing to its full extend.

With these networks manufacturers are able to:

• High-speed, low-latency, and resilient connectivity: The network provides deterministic and flexible connections between AI applications and production assets, supporting deployment at the industrial edge, plant data centres, or cloud environments. This ensures AI workloads have secure and reliable access to critical data and devices.
• Industrial-grade switching and wireless: Cisco’s industrial Ethernet switches and Ultra-Reliable Wireless Backhaul (URWB) deliver rugged, high-bandwidth, and near-zero latency communications essential for AI use cases like machine vision and autonomous guided vehicles.
• Dual-fabric architecture with Parallel Redundancy Protocol (PRP): This design offers lossless resiliency and high availability for critical Industrial Automation and Control System (IACS) traffic, maintaining continuous operation even during network outages.
• Integrated industrial cybersecurity: The network embeds AI-driven security features that provide visibility into connected assets, enforce zone segmentation, enable zero-trust remote access, and support threat detection and response. This protects production systems and AI applications from cyber risks.
• Unified management and assurance: AI-powered tools offer end-to-end visibility and automation across IT and OT environments, simplifying network operations and accelerating AI deployment.
• Support for AI use cases in manufacturing: Including AI/ML-driven machine vision for quality inspection, virtualization of production assets (HMIs, PLCs), and secure, deterministic data collection from sensors to cloud for AI training and inferencing.
• Validated design and implementation guidance: Cisco provides tested blueprints and best practices to help IT and OT teams converge and digitize production environments confidently, reducing deployment time, risk, and complexity. Validated Design Zone

Cisco Firewall Promotional Splunk Capacity

Cisco and Splunk have teamed up to offer a new integration for security teams: For a limited time, Splunk Enterprise or Splunk Cloud customers who own qualifying Cisco Security Thread Defense (FTD) licenses can now ingest up to 5GB of firewall log data at no additional Splunk licensing cost (terms & conditions apply).

Cisco OT Security Cyber Vision - The 1st Step of Visibility

With Cisco Cyber Vision primarily integrating into Cisco’s Security landscape, it is a powerful cybersecurity solution designed specifically for industrial environments, protecting the robust OT environment. It provides continuous visibility into OT assets and network communications, enabling manufacturers to reduce their attack surface and prevent threats from spreading within their industrial networks.

One of the key strengths of Cisco Cyber Vision is its integration into the security portfolio of cisco and the seamless integration with Splunk. This integration extends security operations centres (SOC) into the OT domain, allowing unified visibility and correlation of security events across both IT and OT environments. Manufacturers benefit from real-time monitoring and analysis of large volumes of security data, which enhances threat detection and accelerates incident response.

The Cisco Cyber Vision Splunk Add-On app offers prebuilt and customizable dashboards tailored for manufacturing and industrial use cases. These dashboards provide comprehensive views. This enables stakeholders - from security analysts to plant floor managers - to monitor OT security posture across multiple sites in near real time.

Key benefits for manufacturing environments include:

• Elimination of security blind spots by aggregating OT security telemetry into a single interface for complete attack chain visibility.
• Enterprise-wide risk management by transforming vulnerability management from isolated site assessments into a strategic program with prioritized risk scoring based on asset criticality.
• Advanced security governance through monitoring of global OT security posture with prebuilt and customizable dashboards.
• Cross-domain threat detection by correlating IT and OT security events to detect sophisticated threats spanning both domains.
• Operational performance monitoring to track asset health, network performance, and operational metrics relevant to manufacturing processes.

Cisco Cyber Vision embeds security capabilities directly into industrial network equipment, eliminating the need for additional appliances and simplifying deployment at scale. It supports adaptive network segmentation with AI-assisted policy recommendations, secure remote access tailored for OT workflows, and feeds rich OT context into IT security tools like Splunk for enhanced threat detection and response.

To ensure scalability is given, Cyber Vision is hostable on AWS like a lot of other solutions from Cisco.

Splunk Agentic IT/OT SOC - The Unifying Intelligence Layer

Splunk has been named a Leader in the Gartner® Magic Quadrant™ for SIEM for 11 consecutive years (2015–2025), confirming sustained leadership in threat detection, investigation, and incident response.

Powering the agentic SOC for unified resilience, Splunk unifies security data, analytics, tools, and AI to automate routine tasks, orchestrate workflows, surface complex insights, and proactively mitigate risk. Splunk redefines security operations by integrating an open data fabric, powerful analytics, cohesive tools, and human-in-the-loop AI into a unified platform.

With Splunk, manufacturers can:

• Transform the security team from a reactive "firefighting" unit into a proactive, strategic function.
• Build a foundational layer of AI-based risk analysis, combining customer profiles, threat intelligence, and asset data to support autonomous prevention, self-healing, and continuous learning.
• Empower defenders to anticipate future attacks and orchestrate outcomes at machine speed.
• Turn SecOps into a force multiplier that enables business innovation while staying a step ahead of the adversary.

As part of this unified resilience, Splunk helps manufacturing organizations build a powerful, next-generation security concept for their factories with the help of a dedicated OT Security Add On. The Splunk Add-on for OT Security expands existing Splunk Enterprise Security frameworks to improve security visibility in OT environments. It reaches across both carpeted (IT) and concrete (OT) environments to better apply Splunk Enterprise Security to improve threat detection, incident investigation and response.

Existing specialized OT Security solutions such as Cisco’s Cyber Vision are ingested as data sources to allow for holistic visibility across IT and OT environments. Cyber Vision feeds directly into this layer via the integration app on Splunkbase, providing the OT telemetry that makes Splunk’s analytics complete.

AWS Cloud - The Scalable Engine

To fuel AI-driven manufacturing, AWS provides the cloud-native infrastructure necessary to scale insights and enable advanced AI/ML models to run on manufacturing data. Whether for predictive maintenance or process optimization, AWS offers massive computational power and storage to support these workloads. Additionally, AWS’s scalable infrastructure helps manufacturers inherit compliance through its adherence to security standards and compliance certifications, ensuring a secure and compliant environment for industrial AI applications.

This scalable cloud foundation allows manufacturers to leverage the full potential of AI by efficiently processing large volumes of data and deploying AI models at scale, supporting the transformation of manufacturing operations into smarter, more resilient, and competitive enterprises.

With AWS, manufacturers can:

• Scale security analytics elastically: Ingest and retain years of OT security telemetry in Amazon S3 and Amazon Security Lake, enabling Splunk's Federated Search to query data in place — reducing cost while maintaining full investigative capability.

• Run AI/ML at industrial scale: The Splunk AI Toolkit integrates natively with Amazon SageMaker, enabling data scientists to train and deploy models directly on operational data — from real-time fraud and anomaly detection to predictive maintenance — without custom ETL pipelines. Predictions flow back into Splunk dashboards instantly, closing the loop between insight and action within the same secured cloud perimeter.

• Accelerate deployment with validated architectures: AWS provides pre-built reference architectures for industrial IoT and OT security workloads, reducing time-to-value and ensuring best-practice configurations from day one.

• Simplify procurement and licensing: Through AWS Marketplace, manufacturers can procure Cisco Cyber Vision, Splunk Enterprise Security, and complementary OT security tools under a single, streamlined commercial framework — consolidating spend and simplifying vendor management.

• Extend to the edge: With AWS Outposts and IoT Greengrass, compute and analytics can run at the factory edge for latency-sensitive use cases, while seamlessly synchronising with centralised cloud services for enterprise-wide visibility.

Together, this forms the scalable engine of the unified architecture: Cisco provides the network and OT visibility, Splunk delivers the agentic intelligence, and AWS ensures it all runs at the scale, speed, and security posture that modern manufacturing demands.

Outlook - Priorities for Industrial Leaders

The findings of Cisco’s 2026 State of Industrial AI Report point to three clear priorities for industrial leaders as AI adoption accelerates but scale remains uneven.

• Foundational readiness determines AI scale
• Industrial AI does not stall due to lack of ideas—it stalls when networks, compute, and operating models are not built for scale.
• Cybersecurity is the biggest constraint and the greatest enabler
• Cybersecurity must be treated as a baseline requirement for AI-ready environments, not a downstream control.
• IT/OT collaboration is essential for AI impact
• AI scale is as much an organizational challenge as a technical one: collaboration enables speed, confidence, and repeatability.

Together, Cisco, Splunk, and AWS are helping manufacturers to build a unified, smart, and scalable foundation to turn IT/OT complexities into their greatest competitive advantage in the AI era.

Want to Learn More? Read-On

• Recording of the webinar
  “Powering IT / OT Cybersecurity for Manufacturing in the AI Era” - On demand link
• Cisco 2026 State of Industrial AI Report
• Splunk CISO Report 2026 - From Risk to Resilience in the AI Era
• Top 10 Cybersecurity Threats in Manufacturing
• New Release: OT Security Add-on for Splunk (v 3.0.1)
• Blog Post: OT Security is the New Avenger in Manufacturing
• Video: Splunk Immersive Experience Center incl. Manufacturing - powered by AWS