Food industry case study: regaining control of the OT environment through comprehensive inventory and industrial mapping

Food industry case study: regaining control of the OT environment through comprehensive inventory and industrial mapping

February 13th, 2026Cyber11 minutes
Linkedin

A major food industry company engaged DATIVE to regain control over its OT network. Through a full asset inventory and both logical and physical mapping, the site was able to rediscover its true industrial architecture, secure its operations, and strengthen its cybersecurity posture.

Context and challenges within a highly automated food-processing environment

Our client: a strategic food industry player based in northern France

The site is one of the main production centers for fish-based products. Each line combines mechanical, thermal, cutting, weighing and packaging operations. These steps are orchestrated by industrial PLCs, HMI interfaces, control modules and supervision stations that communicate continuously.


In such an environment, the slightest network disruption can desynchronize the lines, impact supervision or even cut communication between a PLC and a robot. The impact goes far beyond digital systems. It directly affects production, food safety and the company’s logistical commitments. These food-processing operations run in a just-in-time flow and rely heavily on the availability of OT equipment.

A progressive loss of OT knowledge following team turnover and an IT manager change

Over time, organizational changes and the departure of key personnel resulted in a loss of knowledge of the industrial network. The new IT manager, whose scope now included OT, discovered an environment that was largely undocumented and had become opaque over the years.


The old network diagrams no longer matched reality. Some PLCs added in emergency situations had never been mapped. Other devices had been replaced with newer models without any documentation updates. The maintenance teams had a strong functional understanding of each line, but an incomplete view of network interconnections.


This loss of visibility is one of the most common challenges in mature industrial environments, and our client was no exception.

Facing a complex or partially documented OT environment? Contact us

Contact

A major gap between estimated and actual OT assets

When preparing a mission, we always request an estimate of the number of OT assets to scope our intervention. The IT manager at this food-processing plant estimated around 150 devices. The on-site inventory revealed more than 500. A considerable gap, highlighting the magnitude of the documentation loss.


This discrepancy is not only technical — it is strategic. It meant that site management was making decisions based on a partially known environment. Under these conditions, it was impossible to assess asset criticality, plan OT segmentation or prepare for emerging regulatory obligations.

You think you have 100 devices but actually 500

Critical industrial, regulatory and cybersecurity stakes

The food industry is subject to multiple imperatives: production lines must run without interruption to meet demanding cadences, traceability must be guaranteed for sanitary reasons, and cybersecurity must be strengthened to comply with regulatory requirements such as NIS2 and technical frameworks like IEC 62443.


Without a reliable inventory, it becomes impossible to meet these requirements or implement a coherent industrial cybersecurity strategy. The site therefore engaged in a structured approach to regain full visibility of its OT environment.

Need clarity on your NIS2 obligations or guidance on IEC 62443? Let’s discuss a tailored action plan for your site.

Contact

Initial issues: loss of visibility and operational risks

An OT environment difficult to control without documentation

Teams were dealing with an industrial network whose documentation had vanished over the years. PLCs, HMIs and industrial switches were running properly, but no one could accurately describe how the different elements were connected or what dependencies existed between workshops.


An industrial network without reliable documentation operates in a state of unstable equilibrium. It may run for years without a major incident, but becomes extremely vulnerable in the event of a failure or change.

Is your OT documentation no longer reliable? Contact DATIVE to rebuild a clear, actionable and operational vision of your industrial network.

Contact

Unidentified IT/OT interconnections

This plant relied on several IT services used in production, such as MES, recipe systems, quality tools or labelling systems. Yet, no diagram existed describing how these systems interacted with OT. Some flows transited through unexpected networks. Others depended on switches that no one was aware of.


This lack of visibility made each network change risky. A single cable movement could stop an entire production line.

An IT manager confronted with an unfamiliar OT scope

The IT manager suddenly found himself responsible for a domain that was not historically his. The logic of an industrial network differs significantly from that of an office network. The consequences of any action are heavier. Physical constraints and industrial protocols require specific expertise.


Without an inventory or mapping, he was unable to make informed decisions.

Difficulty initiating NIS2 or IEC 62443 compliance

Regulatory texts require clear visibility of assets, zones, flows and dependencies. The site no longer had this information, making it urgent to rebuild this foundational layer. Even though this food-processing site does not intend to seek certification today, establishing solid foundations for cybersecurity deployment was essential.

Difficulties initiating NIS2 IEC62443 compliance

Our intervention: full inventory, logical mapping and physical mapping

Exhaustive OT asset inventory

We began with an on-site immersion. Line by line, cabinet by cabinet, we identified every industrial device. Our teams documented PLCs, HMIs, switches, local servers, machine vision systems and all OT assets.


For each asset, we recorded its function, IP address, firmware, exact location and operational dependencies. This meticulous work restored an accurate view of the site’s actual OT landscape.

Logical mapping of network flows and architecture

We then reconstructed the logical network architecture. This includes analysis of VLANs, subnets, gateways, supervision flows, inter-workshop communications and IT/OT dependencies.


This logical mapping enables understanding of critical flows, sensitive zones and potential propagation paths. It is an essential foundation to anticipate cyber risks and define segmentation strategies.

Physical mapping of cabinets and connections — a rare expertise

Physical mapping is one of DATIVE’s unique strengths. Very few companies perform this type of work, as it requires on-site expertise, presence in the workshops and a detailed understanding of mechanical and electrical installations.


We physically represented every cabinet, PLC, switch and actual connection. We mapped cables, used ports and dependencies between production lines.


This physical mapping offers significant value to maintenance teams. It enables them to quickly locate failures, avoid accidental disconnections and plan interventions safely.

Interested in a full OT inventory or mapping? Let’s discuss your environment and possible intervention options.

Contact

Cross-analysis and documentation consolidation

All collected data was consolidated into a single repository. This documentation was shared with the IT, OT and maintenance teams to establish a common language and shared understanding of the industrial environment.

Cross-analysis and documentation consolidation

Findings: an environment far larger and more complex than expected

More than 500 industrial devices identified

Field reality confirmed the importance of a full inventory. The site actually contained more than 500 OT devices across several workshops and functional zones.

Discovery of undocumented or obsolete assets

Some cabinets still contained decommissioned devices that remained connected. Others housed PLCs whose criticality was unknown. Several firmwares were outdated.

Inconsistent network topologies compared with supplied diagrams

Historical diagrams no longer reflected reality. Some lines depended on switches located in other buildings. Other critical flows transited through segments that should not have been used.

Critical dependencies invisible without physical mapping

The physical mapping revealed dependencies that only field teams suspected. Some devices played a central role without any documentation.

Direct impacts on cybersecurity and OT resilience

Without visibility, security is impossible. The plant was exposed to propagation risks, human errors and unplanned production interruptions.

Need help identifying critical zones, obsolete assets or invisible dependencies? Our teams can support you.

Contact

Recommendations: structure, secure and prepare for compliance

Creation of an up-to-date and maintainable OT asset database

We proposed a simple, clear and usable asset database format for all stakeholders.

Living documentation and update procedures for OT infrastructure changes

We defined the mandatory rules to keep documentation up to date, particularly during maintenance activities or equipment replacements.

IEC 62443-compliant network segmentation plan

With a clear view of the environment, it becomes possible to segment the network into zones and conduits according to the standard’s principles.

Securing IT/OT interconnections

The reconstruction of flows made it possible to identify the points to secure in order to prevent propagation risks in the event of a cyberattack.

Preparation for NIS2 compliance and upskilling of teams

The site now has all the necessary elements to anticipate and prepare for NIS2 compliance.

nis2

Conclusion

Restoring visibility is never a simple technical operation. It is a fundamental step in regaining control of an industrial environment that has evolved for years without structured documentation. In this food-processing plant, the absence of a clear reference system prevented sound decision-making. Thanks to the exhaustive inventory and dual logical and physical mapping, the site rediscovered the real structure of its OT architecture.


This renewed understanding revealed dependencies, critical zones and potential risks. The IT, OT and maintenance teams now work from a shared baseline. Decisions are made with a global, documented vision. Industrial performance is strengthened.


Cybersecurity is never just a matter of tools. It is above all a matter of knowledge. And when that knowledge is clear, structured and shared, every action gains precision and effectiveness. This food-processing site now has all the necessary foundations to secure its production tool sustainably, modernize its infrastructure and calmly progress toward NIS2 compliance.


In an industry where every minute counts, this restored visibility is not a comfort — it is a necessity.

Looking to regain control of your OT environment and secure your production sustainably? Let’s discuss your challenges — the DATIVE team is here to support you.

Contact
News

News

Client case: Regaining control of OT flows on a hydrogen-related industrial infrastructure
Cybersecurity
Client case: Regaining control of OT flows on a hydrogen-related industrial infrastructure

Industrial projects involving hydrogen impose particularly high standards. Safety, reliability and operational continuity are inseparable. DATIVE supports an industrial client specialising in the development of carbon-free hydrogen solutions. Its business relies on sensitive industrial infrastructure subject to stringent technical and regulatory constraints. In this context, industrial cybersecurity cannot be limited to a theoretical or generic approach. It must be finely integrated into the actual operation of the facilities and support operational performance. We are currently supporting this client on key OT cybersecurity issues. Our objective is to provide visibility, secure exchanges and enable informed technical decisions.

Know more
Pharmaceutical industry: OT cybersecurity facing public health and performance challenges
Cybersecurity
Pharmaceutical industry: OT cybersecurity facing public health and performance challenges

In the pharmaceutical sector, industrial cybersecurity is no longer just about protecting sensitive data. It now underpins the reliability of every medicine produced, the continuity of production, and the trust placed by health authorities. Faced with interconnected OT infrastructures, strict regulatory obligations and critical public health stakes, DATIVE supports manufacturers in securing their critical environments and sustainably improving their operational performance.

Know more
Cybersecurity in Pharma: network audit for a global injectable drug manufacturer
Cybersecurity
Cybersecurity in Pharma: network audit for a global injectable drug manufacturer

When an industrial network becomes unstable, pharmaceutical production feels the impact immediately. We were engaged to understand, diagnose, and stabilize an environment where each interruption could jeopardize the production of a vital drug. Here is how our team conducted the network audit for a global pharmaceutical leader to restore performance, stability, and cybersecurity.

Know more
Cybersecurity in Water Treatment: Cyber Assessment of WWTPs and Strengthening Their OT Resilience
Cybersecurity
Cybersecurity in Water Treatment: Cyber Assessment of WWTPs and Strengthening Their OT Resilience

A local authority in Savoie operating around twenty wastewater treatment plants (WWTPs) tasked our DATIVE experts with an industrial cybersecurity assessment. Objective: identify OT vulnerabilities, secure the infrastructure, and build a robust action plan to reinforce resilience against cyber threats.

Know more
These workstations will never be patched… but they can become unalterable
Cybersecurity
These workstations will never be patched… but they can become unalterable

This article presents a comprehensive hardening strategy for obsolete workstations to strengthen your industrial cybersecurity. In industrial environments, we regularly encounter outdated systems (Windows 2000 SP4, XP, 7 or old Windows 10). These systems, although critical in industry, can no longer receive patches: license issues, PLC incompatibilities, or risk of production shutdown.

Know more