Case Study: Navigating IT/OT network segmentation in South America

08/08/2025 | Axiomis |

A red lowercase 'in' logo with a blue dot above the 'i'.

Over the last two years, Axiomis embarked on a long-term project for a major North American-based international corporation to properly segment their IT and OT networks across 20 + sites.

Axiomis took this opportunity to expand our organization internationally to increase our market opportunities in network management and security implementation.  This allowed us to develop a strong South American team based in Brazil, with the capability of servicing sites across many of the countries in South America.

Challenges – Several barriers were present as we approached the implementation and improvement of network security across this organization.

  • Technical
    • Shortage of local automation personnel with in-depth network knowledge and skill set.
    • Gaps between knowledge of modern network infrastructure and the local talent pool.
    • Outdated and disorganized network infrastructure creating a cost barrier to project improvements or documentation efforts.
    • Price and lead time for hardware in South America can drive overall project cost and timeline, creating value concerns for local operations
    • Geographic distances across the South American countries can add to difficulties in cost and timelines. Locally available integrators might require extensive travel time to reach and support individual operations.
  • Political
    • South American industrial sector still lags in prioritizing network cybersecurity despite gains in global awareness.
    • Lower risk awareness for cyber threats and the need for robust security measures in industrial environments.
    • While significantly behind North America on security risk awareness, this area has benefited as a smaller target for security attacks.
    • Lack of centralized corporate-level groups within organizations that take responsibility for network security and implementation, leading to fragmented mitigation efforts.
    • Fragmentation leads to difficulties in developing, implementing, and enforcing system-wide standards.
    • Prioritization of production-focused efforts often leaves network security to fall off the radar for improvement efforts and budget allocation.

Approach – We worked with this organization as a key partner to develop, design, and implement the changes in South America to match the performance attained within the North American segment of this organization.

  • Corporate commitment – Developed a corporate commitment to network security implementation across the global organization to achieve consistent standards performance.
  • Phased approach – To manage the budget and timeline concerns within the South American group, a phased approach was developed to achieve improvements in manageable and measurable segments
    • Phase 1 – Assessment – An on-site assessment of each operation was conducted to provide a detailed room-to-room plan for the implementation.
    • Phase 2 – IT/OT Segmentation
    • Phase 3 – IDMZ implementation and long-term support
  • Hybrid Staffing
    • Develop a local (South American) team of technical experts as an arm of our company to manage the majority of physical installation and support work.
    • Remote support personnel – The current group of North American personnel are available for remote support and configuration.  This group is also available for travel when needed for on-site installations.
  • Plant-level opportunities
    • Enhanced training and development of site-level personnel
    • Updated investment in infrastructure, primarily fiber
    • Fostering a stronger plant-level staff culture of cybersecurity awareness
    • Educate local management on the long-term benefits of secure network segmentation

Result/Status

  • Axiomis developed a local subsidiary team of talented technicians and managers to provide a high level of commitment and support in this geographic area.
  • The Phase 1 assessment was completed in 2024, which allowed for a complete installation plan and cost assessment for the Phase 2 implementation.
  • Phase 2 IT/OT Segmentation installation has been completed across 10 of 22 facilities with 5 planned for completion by the end of 2025.

Summary

  • Development of a local in-country team has been a key component in addressing many of the barriers to operating internationally. Expansion of the core team with increasing opportunities will further expand our reach in this area.
  • Developing and maintaining strategies for sourcing hardware is crucial to managing timelines and cost expectations.  This is a stark contrast to the ability to easily select between multiple suppliers for standardized equipment, meeting the needs of network security.
  • Completing and maintaining detailed network documentation will help achieve significant long-term benefits in the maintenance of the network infrastructure and future expansion and updates to the system.
  • Axiomis will also continue to explore strategic partnerships for regional support and logistics where our experience can provide value in similar applications.