How a 4-facility manufacturer eliminated cybersecurity exposure and cut telecom spend by nearly a third — without disrupting production.
Key Outcomes
The manufacturer had grown through acquisition over 15 years, resulting in a patchwork of legacy infrastructure across four facilities. Each site had been connected independently with different carriers, different hardware, and different configurations — making centralized management nearly impossible.
From a cybersecurity standpoint, the situation was more serious. The production floor OT systems — PLCs, SCADA, and industrial controls — shared the same flat network as corporate IT systems. This created a direct path from the internet into production equipment, a scenario that had already attracted attention from their cyber insurance carrier, which was threatening a significant premium increase at renewal.
On the financial side, a preliminary review revealed they were paying rates that had not been renegotiated in over seven years — 40% above current market rates for equivalent services.
ARG began with a comprehensive technology and spend assessment across all four facilities. This included a full audit of carrier contracts, hardware refresh cycles, and a detailed network security review that mapped every path between OT and IT systems.
The assessment revealed three actionable opportunities: carrier contract renegotiation, SD-WAN modernization to replace aging MPLS circuits, and OT/IT network segmentation to address the cybersecurity exposure.
ARG ran a competitive RFP across eight SD-WAN and carrier providers, leveraging its vendor-neutral position to negotiate best-in-class pricing without any commission bias. The selected solution provided redundant connectivity at each facility, centralized management, and the network architecture required to support proper OT/IT segmentation.
The OT/IT segmentation was designed and implemented in parallel, creating isolated network zones for production systems while maintaining the operational visibility the IT team needed.
Conducted a full technology spend audit across all four facilities. Mapped all carrier contracts, hardware inventory, and network topology. Identified OT/IT convergence risk points and quantified cost savings opportunity.
Ran a competitive RFP across eight SD-WAN and connectivity providers. Evaluated proposals against a weighted scorecard covering performance, security capabilities, support, and total cost. Presented findings to the CIO and CFO with a clear recommendation and financial model.
Negotiated contracts on behalf of the client using ARG's volume relationships and market pricing data. Achieved 32% cost reduction versus existing spend with improved service levels and redundancy built into the contract.
Managed the full deployment across all four facilities over a 90-day window. Implemented OT/IT network segmentation in parallel, working directly with the production team to ensure zero disruption to manufacturing operations.
The engagement delivered results across three dimensions simultaneously: cost, security, and performance.
The 32% reduction in annual telecom and infrastructure spend translated to a meaningful improvement in IT operating budget — freeing capital for other modernization priorities. The OT/IT segmentation resolved the cyber insurance carrier's concerns, resulting in an 18% premium reduction at the next renewal cycle.
On performance, the new SD-WAN architecture delivered connectivity improvements that had a direct impact on ERP system responsiveness across all facilities — a consistent complaint from operations management that had gone unaddressed for years.
Perhaps most importantly, the IT team now has a single, manageable infrastructure platform across all four sites — with centralized visibility and the ability to make changes without coordinating across four separate carrier relationships.
“We had been living with this infrastructure for years, always pushing it to the back of the priority list. ARG came in, showed us exactly what it was costing us — both financially and from a risk standpoint — and then managed the entire process. We didn't have to figure out the vendors, negotiate the contracts, or manage the deployment. They did it all.”