Why Your Automation Investment Could Be Voiding Your Cyber Insurance: The OT Network Problem
I was in a food manufacturing plant last year where they had just invested seven figures in a new automated packaging line. Connected PLCs. Real-time HMI dashboards. Production data feeding straight into the ERP. Impressive technology, genuinely well-executed automation project.
But their OT network was flat. No segmentation between the business side and the plant floor. The same network carrying Microsoft Teams traffic was carrying SCADA data.
This isn’t unusual. I see it consistently in food and beverage operations that are modernizing quickly — the automation investment outpaces the security architecture, and nobody stops the project to ask what the network implications are.
Why a Flat OT Network Is a Business Risk, Not Just a Technical One
On a flat network, a ransomware infection that enters through a phishing email on a business workstation can reach the PLCs on the production floor. There is no barrier between the two. An attacker who gets a foothold on any one part of the network can reach all of it.
For a food manufacturer, the production systems are often the most critical — and the least tolerant of disruption. A PLC that gets encrypted during a production run doesn’t just mean a day of downtime. It can mean lost product, missed retailer orders, FDA reporting obligations, and in some cases, food safety incidents if the disruption affects environmental controls or monitoring systems.
John Robertson, VP of Food and Beverage at Life Cycle Engineering, framed it well: “Protecting core proprietary formulas and ensuring uptime elevates OT cybersecurity to a C-suite priority. In 2026, OT security should transform from an avoidable technical issue into an important business mandate.”
The Cyber Insurance Problem
Here is where this becomes more urgent for every food manufacturer, regardless of their current security posture: cyber insurance carriers are now asking detailed questions about OT environments. The application questions have gotten significantly more specific over the last two years.
Carriers want to know: Is MFA enforced on all remote access? Is EDR deployed to every endpoint? Is there documented segmentation between IT and OT networks? Is there a formal patch management process?
If you can’t demonstrate these controls, the consequences are financial. Premiums go up 30–50%. Coverage limits come down. In some cases, carriers decline to renew. And some policies now include exclusions specifically for incidents that could have been prevented by controls the carrier asked about at renewal — which means your OT network architecture can affect not just your premium, but whether a future claim gets paid.
The Right Time to Address This Is Before the Automation Project Launches
The companies getting this right are building security architecture into automation projects from the beginning — designing the network segmentation before the line goes in, not after it’s running. Retrofitting segmentation into a live production environment is harder, more disruptive, and more expensive than building it in from day one.
The practical steps for a food manufacturer evaluating a production floor automation project:
- Include network architecture review in the project scope. Before the first PLC ships, define how the OT network will be segmented from the business network.
- Identify all connectivity requirements. Which systems need to communicate with each other? Which vendor access points will be required? Each of those is a controlled connection, not an open one.
- Get your cyber insurance carrier’s requirements in writing. Know what controls they expect before the project closes, not at renewal time.
- Document the architecture as you build it. The person who designed the segmentation may not be there when someone needs to troubleshoot it in three years.
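One way to keep the documented connectivity requirements honest is to compare observed traffic against them. The sketch below is an added example, not part of the original article or any NBIT tooling; the subnets, zone names, conduit list and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed zone map (assumed addressing, not from the article).
ZONES = {
    "10.10.0.0/16": "business",
    "10.50.0.0/24": "ot-dmz",
    "10.60.0.0/24": "plant-floor",
}

# Documented conduits: (src zone, dst zone, protocol, dst port).
# Any other flow that crosses a zone boundary is undocumented.
CONDUITS = {
    ("plant-floor", "ot-dmz", "tcp", 4840),  # line data to an OPC UA gateway
    ("business", "ot-dmz", "tcp", 443),      # ERP pulls production data
    ("ot-dmz", "plant-floor", "tcp", 3389),  # vendor jump host (hypothetical)
}

# Constructed flow records: (src ip, dst ip, protocol, dst port).
SAMPLE_FLOWS = [
    ("10.60.0.21", "10.50.0.5", "tcp", 4840),   # documented
    ("10.10.4.17", "10.50.0.5", "tcp", 443),    # documented
    ("10.10.4.17", "10.60.0.21", "tcp", 502),   # workstation straight to a PLC
    ("10.60.0.21", "10.60.0.30", "tcp", 502),   # stays inside plant-floor
    ("10.10.4.17", "192.0.2.10", "tcp", 443),   # destination not in zone map
]

_NETS = [(ipaddress.ip_network(cidr), zone) for cidr, zone in ZONES.items()]

def zone_of(ip):
    """Return the documented zone for an address, or 'unmapped'."""
    addr = ipaddress.ip_address(ip)
    for net, zone in _NETS:
        if addr in net:
            return zone
    return "unmapped"

def audit(flows):
    """List flows that cross a zone boundary without a documented conduit."""
    findings = []
    for src, dst, proto, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if sz == dz and sz != "unmapped":
            continue  # intra-zone traffic is out of scope for this check
        if "unmapped" in (sz, dz):
            findings.append((src, dst, proto, port, "endpoint not in documented zone map"))
        elif (sz, dz, proto, port) not in CONDUITS:
            findings.append((src, dst, proto, port, f"undocumented {sz} -> {dz} flow"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Each finding is either a firewall rule that should not exist or a requirement missing from the documentation; both are worth resolving before the carrier asks for evidence of segmentation.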
If you’re planning an automation or modernization project and the security architecture isn’t yet in the project scope, it should be. The cost of adding it is a rounding error compared to the cost of the incident it prevents.
NBIT helps food and beverage manufacturers design and implement OT/IT network segmentation as part of automation and modernization projects. Talk to us before your next project kicks off.