Persona: VP Operations (Manufacturing)¶
The operations leader navigating OT/IT convergence while keeping production running
Generated: February 2026 Status: Active ICP Tier: Secondary
Demographics & Firmographics¶
| Attribute | Value |
|---|---|
| Title | VP Operations, Director of Operations, Plant Manager, VP Manufacturing |
| Reports To | CEO, COO, President |
| Company Size | 100-300 employees |
| Industries | Discrete Manufacturing, Process Manufacturing, Food & Beverage, Industrial |
| IT/OT Team Size | 1-3 IT staff, separate plant floor technicians |
| IT Budget | $300K-$1M annually (split IT/OT) |
| Age Range | 45-60 |
| Experience | 20-35 years in manufacturing, 10-20 years in operations leadership |
Psychographics & Motivations¶
Core Identity¶
- Self-Image: Production-focused leader who gets things shipped
- Fear: Production line down due to cyber attack or IT failure
- Aspiration: Modernize operations without disrupting production
Personality Traits¶
- Production uptime is sacred—nothing stops the line
- Skeptical of "IT solutions" that don't understand manufacturing
- Values practical, proven approaches over cutting-edge
- Risk-aware but not risk-averse when ROI is clear
- Respects expertise but needs it translated to shop floor reality
Information Sources¶
- Industry trade publications (IndustryWeek, Manufacturing Executive)
- Trade associations (NAM, AME, industry-specific groups)
- Peer networks and industry conferences
- Equipment vendor recommendations
- Plant floor and engineering team input
Pain Points (Ranked by Intensity)¶
| Rank | Pain Point | Intensity | Quote |
|---|---|---|---|
| 1 | OT/IT convergence security | Critical | "We're connecting PLCs and HMIs to the network for monitoring, but I don't know if we're creating vulnerabilities." |
| 2 | Ransomware fear | Critical | "I saw what happened to that meat packer. If ransomware hits our control systems, we're dead in the water." |
| 3 | Legacy system dependencies | High | "We have equipment running Windows XP because the vendor says we can't upgrade. How do we secure that?" |
| 4 | Cyber insurance requirements | High | "Our carrier wants OT security documentation we don't have. They don't understand manufacturing." |
| 5 | IT/OT team divide | Medium | "IT doesn't understand the plant floor, and plant engineers don't think about cybersecurity." |
| 6 | Compliance expansion | Medium | "Customer security questionnaires, CMMC for defense contracts, NIST—it's all landing on my desk." |
| 7 | Skills gap | Medium | "We can't find people who understand both manufacturing and cybersecurity." |
Goals (Ranked by Priority)¶
| Rank | Goal | Timeline | Success Metric |
|---|---|---|---|
| 1 | Protect production uptime | Ongoing | Zero cyber-related production interruptions |
| 2 | Secure OT environment | 6-12 months | Network segmentation, visibility into OT assets |
| 3 | Meet customer security requirements | Ongoing | Pass customer security assessments |
| 4 | Satisfy insurance requirements | Annual | Policy renewed at reasonable rate |
| 5 | Enable smart manufacturing | 1-3 years | Safely connect production data to business systems |
| 6 | Maintain defense contracts | As needed | CMMC compliance for DoD work |
Buying Journey¶
Awareness Stage¶
Trigger Events: - Major manufacturing ransomware attack in news - Customer security questionnaire failing - Cyber insurance renewal with new OT requirements - Near-miss incident (USB malware, phishing at plant) - New IoT/monitoring initiative raising security questions - Defense contract opportunity requiring CMMC
Content Preferences: - Manufacturing-specific case studies - OT security benchmarks and statistics - Industry incident analyses - Practical checklists (not theoretical frameworks)
Questions: - "Has this actually happened to companies like us?" - "What's the minimum we need to do?" - "How do we secure equipment we can't patch?"
Consideration Stage¶
Evaluation Criteria: 1. Genuine manufacturing/OT experience 2. Understanding of production priorities (uptime first) 3. Practical approach—not just IT security rebranded 4. Can work with existing vendors and integrators 5. Reasonable cost relative to production value at risk
Content Preferences: - OT security assessment methodologies - Network segmentation case studies - Vendor-neutral technology recommendations - ROI models specific to manufacturing
Questions: - "Have you actually worked in manufacturing environments?" - "How do you handle equipment we can't update?" - "Will this impact production during implementation?"
Decision Stage¶
Decision Drivers: - Manufacturing operations experience (not just IT background) - Can work around production schedules - Clear phased implementation approach - Integration with existing vendors/integrators - Ongoing support during incidents
Content Preferences: - Detailed OT assessment scope and deliverables - Implementation case studies with production metrics - Sample network architecture diagrams - Reference calls with manufacturing operations leaders
Questions: - "What does implementation look like—can we do it during scheduled downtime?" - "How do you work with our equipment vendors and integrators?" - "What happens if we have an incident—are you available 24/7?"
Common Objections & Responses¶
| Objection | Response Strategy |
|---|---|
| "IT security people don't understand manufacturing" | "We're not IT security people—we specialize in OT environments. We speak PLC, HMI, SCADA. We know production uptime is sacred." |
| "We can't touch those systems—they're running production" | "We design around your production schedule. Most work happens during planned maintenance windows. We understand you can't stop the line." |
| "Our equipment vendor says we can't change anything" | "We work with your vendors, not around them. Compensating controls like network segmentation protect legacy systems without touching them." |
| "This sounds like a massive project" | "We start with visibility—knowing what's on your OT network. You can't protect what you can't see. Assessment first, phased implementation after." |
| "We're not a target—we're just a regional manufacturer" | "Manufacturing is the #1 ransomware target. Attackers know you'll pay to get production back online. Size doesn't matter—vulnerability does." |
Voice Gear: VP Operations¶
From brand-voice.md:
gear: vp_operations
adjustments:
directness: +0.15
technicality: -0.10 # Translate to business/operations terms
authority: +0.10
vocabulary_shifts:
cybersecurity: "production protection"
network: "plant floor connectivity"
risk: "production risk"
IT: "technology supporting production"
emphasis:
lead_with: "Protect production—not just data"
prove_with: "OT expertise with manufacturing operations background"
cta: "Secure Production Without Stopping It"
Recommended Content Types¶
| Stage | Content Type | Topic Examples |
|---|---|---|
| Awareness | Blog | "Ransomware and Manufacturing: Lessons from Recent Attacks" |
| Awareness | Infographic | "OT Security by the Numbers: Manufacturing Statistics" |
| Consideration | Whitepaper | "Securing Legacy Industrial Systems: A Practical Guide" |
| Consideration | Webinar | "Network Segmentation for Manufacturing: Protecting the Plant Floor" |
| Decision | Case Study | "Regional Manufacturer Achieves OT Visibility in 60 Days" |
| Decision | Guide | "Manufacturing OT Security Roadmap: Phased Implementation" |
Channel Preferences¶
| Channel | Preference | Notes |
|---|---|---|
| Trade Publications | High | IndustryWeek, Manufacturing Executive |
| Industry Associations | High | NAM, AME, sector-specific groups |
| Medium | Brief, operations-focused, results-oriented | |
| Medium | Manufacturing groups, peer connections | |
| Trade Shows | Medium | IMTS, Automate, sector conferences |
| Phone | Medium | Prefers scheduled calls, plant floor interruptions common |
Qualification Signals¶
High Intent Signals¶
- Recent ransomware news coverage driving executive discussion
- Customer security audit failure
- Defense contract opportunity requiring CMMC
- OT network expansion project underway
- Cyber insurance carrier requiring OT documentation
- Referred by manufacturing peer
Medium Intent Signals¶
- Attending OT security webinars
- Downloading manufacturing security content
- Engaging with industry publication articles
- Connecting on LinkedIn
- Asking about assessment scope
Disqualification Signals¶
- No OT/industrial control systems
- Pure IT environment (warehousing only)
- <50 employees (likely insufficient OT complexity)
- No production lines (distribution only)
- Expecting IT-only solutions
Sales Play: VP Operations¶
Discovery Questions¶
- "Walk me through your production environment—what equipment is connected to your network?"
- "How do you currently handle software updates and patching for plant floor systems?"
- "Have you had any security incidents or close calls in the OT environment?"
- "What's driving this conversation—customer requirements, insurance, or internal initiative?"
- "Tell me about your relationship with your equipment vendors and integrators."
Value Proposition¶
"We protect production, not just data. Most security consultants treat manufacturing like any other IT environment. We understand that production uptime is everything, that some systems can never be patched, and that plant floor reality is different from IT theory. We secure your OT environment without disrupting operations."
Proof Points¶
- Specialized OT/ICS security expertise
- Zero production-impacting implementations
- Experience with major industrial control vendors (Rockwell, Siemens, Schneider)
- CMMC assessment and implementation expertise
- 24/7 incident response for OT environments
Recommended Entry Points¶
- OT Asset Discovery Assessment ($8,000-$15,000) — Visibility into connected assets
- OT Security Posture Assessment ($15,000-$25,000) — Full OT environment review
- Network Segmentation Design ($12,000-$20,000) — IT/OT separation architecture
- CMMC Readiness ($15,000-$30,000) — Defense contract compliance
Industry-Specific Considerations¶
Production Schedule Constraints¶
- Production Hours: 6AM-10PM typical, some 24/7 operations
- Maintenance Windows: Weekend shutdowns, quarterly maintenance
- Seasonal Variations: Industry-dependent busy seasons
- Implementation Approach: Must align with planned downtime
OT Technology Landscape¶
- Control Systems: PLCs (Allen-Bradley, Siemens), DCS, RTUs
- HMI/SCADA: Wonderware, Ignition, FactoryTalk, WinCC
- Historians: OSIsoft PI, Wonderware, FactoryTalk Historian
- Industrial Networks: EtherNet/IP, PROFINET, Modbus, OPC UA
- Legacy Operating Systems: Windows XP, Windows 7, Windows Server 2003
Regulatory and Customer Requirements¶
- NIST Cybersecurity Framework: Common customer requirement
- CMMC: Required for DoD supply chain
- Industry-Specific: FDA 21 CFR Part 11 (pharma/food), NERC CIP (utilities)
- Customer Security Questionnaires: Automotive, aerospace, defense
Key Stakeholders¶
- VP Operations/Plant Manager: Primary decision maker
- IT Director: Technical implementation partner
- Engineering Manager: OT system owner
- Quality Manager: Compliance and documentation
- CFO: Budget approval for significant investments
Last Updated: February 2026 Version: 1.0