When IT Meets OT: The Challenge of Connecting Cabinets to Cloud
The physical-digital interdependence is tightening. Power, transportation, and even manufacturing systems have more interwoven networks than ever before.
An early 2025 study found that 70% of manufacturers expected to implement Industry 4.0 technologies by the end of that year. And a global survey projects more than 39 billion OT devices to be connected online by 2035, up from 18.5 billion in 2024.
“It’s not practical to open every motor housing and check it every day, explains Keyfive CTO Daniel Barnett. “That is now in the scope of IT systems because the underlying systems are too complicated to just be a wrenches and screwdriver solution.”
It’s why more organizations are pursuing IT/OT convergence as part of the broader automation wave that’s been rolling forward since the microprocessor era began.
IT/OT and the Information-Based Economy
“The trend in IT is towards more power, more compute, and cheaper bandwidth. So, automation of OT systems has become a real target for maintenance and prediction, for understanding performance, availability, and readiness,” Barnett explains.
It’s the natural evolution of an information-based economy that is leveraging automation to identify risks, optimize performance, and avoid failures.
“It brings computer principles and lessons learned from IT into OT. And it already occurs at every conceivable scale,” Barnett explains, describing how most generators today come equipped with sophisticated control and monitoring systems.
Simply put: OT is getting computerized whether we like it or not. So, the question becomes how to connect and automate across legacy assets and industrial systems without breaking what already works.
IT’s Challenge: Accessing the Cabinet
A key challenge of merging IT and OT environments involves “the wide spectrum of technological capabilities within a single OT environment, especially with the acceleration of IT over the last few decades,” Barnett explains.
The Cybersecurity & Infrastructure Security Agency (CISA) reports that many legacy industrial control systems (ICS) run on outdated operating systems and continue to use older protocols that “lack encryption or authentication mechanisms,” leaving them vulnerable when connected to broader networks.
“Once you’re inside the cabinet, so to speak, there’s no security on anything. The attacker owns everything. So, when we start talking about connecting these OT systems up to IT systems, there needs to be a hard boundary between the local closed loop and the Internet.”
“Once you're inside the cabinet, so to speak, there's no security on anything. The attacker owns everything,” Barnett warns. “So, when we start talking about connecting these OT systems up to IT systems, there needs to be a hard boundary between the local closed loop and the Internet.”
Introducing any new element within a closed loop comes with an inherent risk, but recording data locally doesn’t allow for any meaningful analysis. So most modern solutions make a lot of trade-offs.”
“Connectivity in terms of making it fast, easy, and compliant is still a sticking point,” Barnett says. “Nobody wants to risk the functionality of the system, no matter what insights they hope to gain. So, you have to be clever with how you work around these boundaries and make smart use of any data you collect to optimize connectivity.”
OT’s Challenge: Long-Lived Assets vs. Fast-Moving Threats
When connections are successful, there is no plugging it in and walking away, Barnett cautions.
Traditionally, OT operators have been of the mindset of “buy it once, buy it right.” But because of how rapidly IT is advancing and the persisting threat of cyber-attacks, it is mandatory that systems are designed to be flexible and continuously upgraded.
“OT devices typically have longer useful lives. Operators are used to wiring it up, testing it, then walking away until the next maintenance check months or years into the future,” Barnett explains. “But OT control systems are so complex now, that that's not an option. Nothing is a toaster.”
Barnett uses the toaster metaphor to describe how modern systems must be designed to be run by software and on the internet—not for a single use case offline. Instead, upgrades are necessary and expected for any modern device to function within a connected system (much like updates on your computer or phone).
"When working with OT systems, we need to get into more of the adaptability, upgradeability kind of mindset, even if the devices themselves have long life cycles,” he reasons. “I imagine that's a natural point of friction, because no one wants to be told they’re going to need to upgrade their stuff all the time.”
This can be especially challenging when working across systems, budgets, and teams, where scheduled upgrades also require organization-wide coordination and may slow production or cause downtime.
What does successful IT/OT convergence look like?
A 2025 Deloitte analysis of utilities found that IT/OT integration “goes beyond technical integration, emphasizing cultural alignment and unified governance.” True convergence demands new mindsets, cross-functional teams, and leadership support. Thus, alignment at the organization level is an absolute must in order for these systems and the teams to play nice with each other.
“There must be generosity from both sides of the house that results in them pursuing the goal together. You have to be generous with your ideas and the places you can be flexible,” Barnett says.
OT teams need to accept some of the volatility and dynamic changeability of the IT systems and focus more on non-physical threats. And IT teams need a heightened discipline for upgrading and working around the functionality of the machines.
“Your feature has to be designed with backwards compatibility and forwards compatibility,” Barnett says. “You do need some vision. You do need some awareness of what can be done and some judiciousness about what a good AI project looks like versus a bad AI project.”
“But I think we're past the point where we can say, ‘oh, I don't need that,’” he adds. "Successful companies are aggressively pursuing these things because they see the advantage. It’s time to start automating these systems with plenty of lessons learned.”
Partnering with Keyfive
Alignment and governance are the prerequisite, but they still need a technical framework that respects OT reality. That’s why Keyfive’s digital twin solutions rely on approaches like passive sensing and secure-by-design architecture that create a hard boundary between critical control systems and internet-connected analytics.
In practice, Keyfive helps teams bridge old and new systems with software-oriented flexibility while building for long-term upgradeability, security maintenance, and real operational outcomes (readiness, utilization, and compliance), not just more data. Request a demo today.