Securing the Factory Floor at Scale: ISA/IEC 62443 OT Security Assessment Across 20 Plants

Manufacturing | OT Security | ISA/IEC 62443

The Challenge

A large automotive components group operating 20 manufacturing plants across multiple Indian states had no standardized framework to assess or govern cybersecurity risk across its OT/ICS environments. Each facility ran a mix of PLCs, SCADA systems, and industrial networks with varying levels of exposure — and no visibility into the attack surface as a whole. Escalating regulatory scrutiny and a series of near-miss incidents made it critical to act decisively and consistently across all sites.

Our Approach

• Conducted structured OT security assessments at all 20 plants using ISA/IEC 62443 as the evaluation framework, covering Zones & Conduits, security levels, and risk prioritization

• Embedded directly with site-level OT and maintenance teams at each facility to validate findings against real operational context, not just documentation

• Developed site-specific risk registers and remediation roadmaps, categorized by criticality, operational impact, and implementation effort

• Delivered a consolidated enterprise-wide OT risk posture report enabling group-level security governance and investment planning

Outcomes

• 20 manufacturing plants assessed against ISA/IEC 62443 within a rolling 24-month program

• Critical IT–OT network boundary gaps identified at 100% of sites, including unsegmented flat networks and unmanaged remote access vectors

• Audit non-conformities reduced by up to 70% across assessed facilities following remediation action

• Established a repeatable, site-portable assessment methodology enabling future reassessments with minimal ramp-up time