A global pharmaceutical and medical device manufacturer operates dozens of production facilities worldwide. The company delivers regulated healthcare products across diverse markets and is committed to quality, safety, and compliance.
- Faced difficulty managing cyber vulnerabilities across highly segmented OT networks in validated manufacturing environments
- Vulnerable to operational and regulatory risks with traditional IT tools due to intrusive scans and unauthorized system changes
- Lacked centralized visibility and control over proprietary, legacy OT assets spread across global sites
- Deployed Verve® by Rockwell Automation to extend BigFix capabilities into OT environments
- Used agentless device interface (ADI) to manage proprietary and legacy OT assets without disrupting validated systems
- Enabled multi-site reporting and local action through “Think Global, Act Local” approach
- Delivered visibility and vulnerability assessments across IT and OT endpoints without intrusive scans
- Engaged manufacturing-focused teams to align the implementation with plant operations and compliance needs
- Gained full visibility and control across globally distributed, segmented OT networks
- Reduced cybersecurity risk with non-disruptive, closed-loop vulnerability management
- Achieved faster remediation timelines through centralized analysis and localized execution
- Avoided compliance disruptions by eliminating the need for invasive scanning or unsanctioned changes
Cybersecurity in pharmaceutical and medical device manufacturing is uniquely complex. Legacy equipment, strict regulatory compliance, segmented networks, and proprietary OT devices create significant barriers to effective vulnerability management. This global manufacturer needed a purpose-built solution for these constraints.
Challenge
Legacy OT Systems Hindered Security Visibility and Control
A global pharmaceutical and medical device manufacturer operating dozens of facilities worldwide faced growing cybersecurity challenges in its manufacturing environment. With validated systems, legacy equipment, and proprietary embedded devices across geographically distributed plants, the company struggled to gain consistent visibility and control over its OT assets.
The manufacturer attempted to use traditional IT security tools, such as vulnerability scanners and antivirus software, to secure their OT environment. The tools ended up creating operational and regulatory risks by initiating intrusive scans and unauthorized configuration changes. The company needed a solution that could provide comprehensive vulnerability management without disrupting operations or violating compliance requirements.
Solution
Extending IT-Grade Tools into OT Environments
The manufacturer selected Verve® by Rockwell Automation to meet these challenges. The Verve® by Rockwell Automation platform extended BigFix capabilities into their OT environment. With the platform's agentless device interface (ADI), the manufacturer was able to manage the range of OT devices—regardless of vendor or age—without deploying software directly onto endpoints.
A “Think Global, Act Local” framework provided centralized reporting and analysis while enabling local remediation actions like patching and configuration changes at the plant level. In addition, our specialists supported implementation by collaborating with the manufacturer’s operation leaders to align with regulatory and safety requirements.
Result
Faster, Safer Security Operations Across Global OT Sites
With Verve® by Rockwell Automation, the manufacturer gained visibility into all IT and OT endpoints across its segmented networks—without the need for scans. The unified platform allowed analysts to assess and remediate vulnerabilities from a central console. This resulted in improved response times and minimal disruption to plant operations.
Results included:
- Full coverage of legacy and proprietary assets across OT environments
- Reduced time to detect and remediate vulnerabilities across sites
- No changes to endpoint architecture or impact on validated systems
- Lower deployment costs and faster rollout compared to OT-specific alternatives
- Minimal training required for operations staff due to user-friendly interface
Published November 3, 2025
You may also be interested in