Half of Manufacturing Plants Run on Hope: AMDT Study Exposes the OT Resilience Gap

Half of manufacturing plants run on partially automated backups. Let that land for a second. Not half of the small shops. Not half of the ones still running Windows XP on the floor. Half of all surveyed plants.

That is the headline finding from AMDT's new OT Resilience Report, a primary research study surveying 52 plant managers across packaging, food processing, automotive, aerospace, and chemicals. And the data beneath that headline is even more uncomfortable.

The Confidence Problem Nobody Wants to Talk About

Here is the number that should keep plant managers up at night: 77% of respondents say they are confident in their backup and versioning capabilities. Sounds reassuring. Except only 19% actually run fully automated backup processes. Another 23% rely on manual processes or have no process at all.

That is a confidence-capability gap wide enough to drive a forklift through.

Secondary research validates the disconnect. According to Thermopylae Sciences + Technology, 63% of organizations lack confidence in their cyber-attack recovery plans for critical OT workstations, and only 10% validate OT backups weekly or continuously. Most organizations believe they can recover within a day. Only 35% actually pull it off.

AMDT's study puts specific numbers to what many in the IoT and industrial automation space have suspected: the industry is operating on hope, not verified recovery capability.

The Money Problem: $260,000 Per Hour and Climbing

Manufacturing downtime now costs an average of $260,000 per hour industry-wide. In automotive, that figure reaches $2.3 million per hour, double what it was in 2019. Fluke Corporation's 2025 data found 61% of manufacturers experienced unplanned downtime in the past year, with cumulative costs reaching $852 million weekly across the sector.

The AMDT survey found 23% of plants would face severe or catastrophic impact from just 8 to 12 hours of downtime. These are facilities where every minute of recovery time carries existential consequences: perishable materials, continuous processes, safety-critical operations, customer commitments with contractual penalties.

Here is the math that matters: reducing recovery time from 12 hours to 4 hours at the industry average saves $2.08 million per incident. For plants averaging 6 to 10 incidents weekly, the annualized number becomes the kind of figure that gets CFO attention fast.

Why Corporate Cyber Policies Are Not Enough

The study reveals a governance structure that creates blind spots. 67% of respondents report cybersecurity is handled at the corporate level. Only 8% have fully plant-level decision authority.

Corporate cybersecurity oversight works fine for IT policy and standards. But OT backup and recovery demands plant-level expertise and execution. The CISO sets policy. The plant manager lives with the consequences when a PLC configuration vanishes at 2 AM and nobody on the floor has the authority or tools to restore it.

McKinsey's own research confirms this gap: many heavy industrial manufacturers cannot even identify a party responsible for OT security. Responsibility exists on paper. Accountability exists nowhere.

AMDT's recommended model splits ownership clearly. Corporate handles policy, platform selection, compliance frameworks, and budget. Plant teams handle daily backup execution, recovery drills, change control adherence, and first-line incident response. The distinction matters because the people closest to the equipment need decision rights when seconds count.

The Multi-Vendor Reality That Complicates Everything

35% of surveyed plants operate multi-vendor OT environments, running control systems from Siemens, Rockwell, ABB, Schneider, and Mitsubishi side by side. Another 44% reported "Other" systems, meaning custom solutions, legacy equipment, and specialized gear from regional suppliers.

This is where most backup strategies fall apart. Single-vendor tools only cover their own hardware. Rockwell's Asset Center works great if your entire floor runs Rockwell. It does nothing for the Siemens PLCs two lines over or the Mitsubishi HMIs in the packaging area.

AMDT's Octoplant platform supports over 150 OT device types across all major automation brands. That vendor-agnostic approach is not a marketing bullet point. It is the only architecturally honest answer to how modern manufacturing floors actually work. No plant manager should need three different backup platforms to cover one facility.

Compliance Is No Longer Optional

The regulatory landscape has shifted from voluntary to enforceable. The EU's NIS2 Directive became enforceable October 2024, classifying manufacturing as "important entities" subject to mandatory cybersecurity measures, incident reporting, regularly tested backup systems, and penalties up to 7 million EUR or 1.4% of global revenue.

IEC 62443 adoption sits at 54% compliant with another 31% planning compliance. NIST CSF 2.0's Manufacturing Profile, published September 2025, adds another layer. Only 19% of manufacturing firms qualify as "advanced" against NIST CSF criteria.

The AMDT study found 70% of industrial organizations now cite compliance as a top driver for cybersecurity investments. That number tracks with what we are seeing across IoT and OT markets. Compliance has moved from a technical consideration to a board-level strategic imperative.

Octoplant's built-in CVE detection, audit-ready reporting, and automated documentation give manufacturers a compliance path that does not require an army of consultants or months of preparation. One automotive customer reduced downtime 30% while achieving full NIS2 compliance. A pharmaceutical company used Octoplant's automated documentation to pass a major FDA audit with zero fines.

What the Data Says Manufacturers Should Do Right Now

AMDT lays out a phased roadmap that is refreshingly specific. Within 30 days: audit OT backup coverage, establish clear accountability at both corporate and plant levels, and document current recovery time objectives based on actual tested capability, not aspirational targets.

Within 90 days: implement automated backup for critical OT assets, deploy version control with change visibility, and conduct the first real recovery drill. The emphasis on "real" matters. A drill that skips difficult scenarios is not a drill. It is theater.

Within 12 months: establish immutable backup architecture to protect against ransomware, implement centralized visibility across all sites, and integrate OT backup into compliance frameworks as a continuous practice rather than an annual checkbox.

The Larger Signal for IoT

This study matters beyond its immediate audience of plant managers and OT directors. It quantifies a structural weakness in how connected industrial environments manage resilience. As IoT deployments expand the attack surface and regulatory requirements tighten, the gap between perceived and actual recovery capability becomes a systemic risk.

AMDT has done the industry a favor by putting primary research behind what most practitioners already felt. The data is clear. The recommendations are actionable. And the cost of inaction is now measurable in dollars per hour.

The question for every manufacturer reading this: when was the last time you actually tested a full OT recovery under realistic conditions? If you cannot answer that with a specific date and documented results, the AMDT study is talking directly to you.