Why this matters now

One of the most persistent challenges in manufacturing today is managing cybersecurity risk across legacy automation infrastructure. Many organizations continue to rely on supervisory control and data acquisition (SCADA) systems that were deployed decades ago—long before modern cybersecurity requirements existed.

These systems often lack encrypted communications, role-based access controls, and regular security patching. At the same time, today’s operating environment increasingly demands connectivity to support analytics, remote monitoring, and AI—making fully air-gapped operation unrealistic for most organizations.

As Alberto Rivi, an Emerson expert with decades of cybersecurity expertise, shared recently in Automation World, replacing these systems outright is often cost-prohibitive—yet continuing to operate them without a security strategy presents significant risk.

“[Operating on legacy systems] exposes them to significant risks and vulnerabilities, like outdated software and operating systems, weak or default authentication mechanisms, insecure communication protocols, supply chain and vendor-related risks, and a lack of network segmentation.”

Takeaway: Legacy SCADA systems introduce unavoidable cybersecurity risk that must be actively managed, not ignored.

TL;DR

• Many manufacturers rely on legacy SCADA systems not designed for modern cybersecurity.
• Operational and financial constraints often prevent wholesale system replacement.
• Connectivity increases cyber exposure as analytics and AI become standard.
• Structured assessment and segmentation reduce immediate risk.
• Modernization can proceed incrementally while protecting operations.

Start with assessment

According to Rivi, the most important first step toward securing legacy environments is understanding what already exists. Without a clear picture of assets, traffic flows, and vulnerabilities, cybersecurity initiatives often miss their intended mark.

He outlines two complementary assessment approaches:

“One, passive network discovery and mapping whereby teams start with non-intrusive tools such as passive OT network scanners to map assets, protocols and traffic flow without inserting probes. Second, engage certified third-party experts for gap analysis. Many organizations focus specifically on OT tasks and partner with an expert automation solutions provider to develop a cybersecure posture across OT and IT.”

Working with experienced partners provides access to cybersecurity expertise grounded in standards such as IEC 62443—helping organizations align remediation efforts with globally recognized best practices.

Takeaway: Effective cybersecurity starts with visibility, asset awareness, and standards-based assessment.

Preparing for transition

While full modernization to cybersecure-by-design SCADA platforms remains the long-term goal, organizations must address risk during the transition period.

Rivi recommends a layered approach that includes network segmentation, managed industrial switches, software-defined networking, and buffered demilitarized zones (DMZs) between IT and OT systems.

He also emphasizes the importance of patching discipline and compensating controls when patching is not immediately possible:

“Some include network segmentation and zoning that isolates OT segments using VLANs or micro-segmentation to limit lateral movement; continuous OT monitoring and anomaly detection via the implementation of passive sensors for real-time visibility into traffic and behaviors; and backup and recovery planning. In a cybersecurity breach, reliable backups will be critical to reducing downtime.”

As these controls are implemented, organizations should simultaneously develop a roadmap to prioritize replacement of highest-risk legacy systems first.

Takeaway: Cyber risk can be reduced immediately through segmentation and monitoring while preparing for phased modernization.