As organizations with operational technology (OT) begin to embrace AI, security needs to be at the forefront of their strategy. The integration of AI significantly widens the attack surface—a surface already expanded by the convergence of IT and OT. Most OT breaches stem from IT connectivity, and OT devices, which often lack built-in security features and patching capabilities, are inherently difficult to secure. The introduction of AI adds a new layer of complexity to an already challenging environment.
To navigate these challenges, security professionals must rethink their approach. The key to securing AI lies in leveraging AI itself—using the technology’s strengths to create powerful defenses.
Growth of AI adoption and accompanying security challenges
The adoption of AI applications by employees is rapidly accelerating, driving innovation across industries. Companies are harnessing AI to gain a competitive edge, with employees leveraging tools like generative AI to streamline workflows and boost productivity.
In the OT sector, the potential for AI is immense, and it’s already transforming operations. For example, AI is empowering manufacturing and energy, with use cases like smart manufacturing and “machine-as-a-service” leveraging a new industrial IoT tech stack that fundamentally challenges the traditional Purdue Model and air gapping. Smart buildings are becoming more efficient by using AI to optimize energy consumption, enhance workforce experience, and automate routine maintenance tasks such as monitoring HVAC systems, adjusting lighting based on occupancy, and detecting leaks in plumbing systems.
Additionally, AI-driven decision-making is helping OT professionals automate complex processes like scheduling predictive maintenance based on equipment usage patterns, dynamically adjusting production lines to optimize output, and managing inventory levels in real time to prevent shortages. By taking over these routine yet critical tasks, AI allows OT teams to focus on more strategic, higher-value activities that drive innovation and efficiency.
This is already happening, and use cases are rolling out quickly. A recent report by MIT Technology Review Insights found that 64% of manufacturers surveyed had already started researching or experimenting with AI. In fact, according to Gartner, up to 75% of operational decisions may be made within an AI-enabled application or process by 2030.
However, organizations must keep in mind that while AI-powered applications offer amazing opportunities, they also present new issues for data security and enlarge the potential attack surface. As AI adoption soars, these systems become prime targets for cyberattacks.
AI applications such as connected machines require machine telemetry to be collected from the edge directly to IT and/or the cloud, which break the traditional OT model and increase the threat surface. Often, OT (or shadow IT) can build such a tech stack without the knowledge or sanction of the IT security team, which exposes industrial organizations with threats from many unsanctioned, external-facing applications and assets. This requires organizations to rethink their security strategies to protect these critical assets.
AI is increasingly being adopted by organizations as they realize its dual potential: reducing costs on the back end while driving greater profits through enhanced applications. Enterprises are now integrating AI components into their application stacks to capitalize on these benefits. However, this also introduces new risks, particularly around the exposure of sensitive data, as AI systems rely on inference and training datasets. As AI becomes a more integral part of business operations, safeguarding these datasets from potential threats is essential to maintaining both security and trust.
Securing AI-powered applications with the right AI-driven plan
The AI genie is out of the bottle. There’s no going back, which means the only safe way forward is to take a strong approach to securing these AI-powered applications. And, ironically, tackling AI-related security threats requires AI-fueled solutions. In a report by Palo Alto Networks and ABI Research, 8 out of 10 respondents said they believed AI would be essential for combating AI-fueled attacks.
Some of the ways that AI can help with AI security are:
IT and OT security team collaboration: AI is transforming the way IT and OT security teams collaborate by providing a unified view of security data that both sides can leverage. As OT environments increasingly integrate IT technologies, AI helps bridge the gap by applying advanced analytics across both domains. This enables earlier threat detection, more accurate mapping of attacks to frameworks like MITRE ATT&CK, and automated monitoring of anomalies. By enhancing communication and streamlining routine security tasks, stronger collaboration between IT and OT teams makes end-to-end, AI-enabled insight possible for better detection and security.
Augmenting threat detection and response: AI is transforming the way that manufacturers find and respond to threats, especially with respect to User and Entity Behavior Analytics (UEBA) applied to the many devices on the factory floor. AI tools use algorithms to set baselines for normal behavior and rapidly find irregularities that could signal a threat. Standard IT security tools might not comprehend OT’s specialized protocols, so this AI capability is especially important.
Addressing the cyber skills gap: Globally, there’s an estimated shortage of 4 million skilled cybersecurity professionals, per ISC2. AI can help by automating some of the mundane tasks teams are grappling with and help newer team members deal with higher-level security operations. AI automation also empowers security staff to spend time on high-value strategic initiatives.
Looking ahead, several AI innovations are on the cusp of positively affecting OT security:
- AI-digital twin integration to create more effective security simulations
- Greater accuracy in terms of threat detection, which lowers the number of false positives
- Greater ability to assess operational risk
Securing AI, of course, also requires following all of the best practices for any security program, including investing in periodic training and awareness for staff, staying up to date on regulatory and compliance requirements, and conducting ongoing security inspection of OT processes and network traffic.
Making AI safe
The convergence of OT and IT has already expanded the available network and data security attack surface – and the introduction of AI has expanded it even further. As organizations and their employees quickly embrace AI, the technology brings both opportunity and new risks, including the use of unsanctioned shadow AI.
Given AI’s undeniable utility, it’s here to stay, and its security ramifications must be addressed now. To secure the use of GenAI and AI-driven applications, organizations must develop a comprehensive security plan that not only protects against potential threats but also harnesses AI’s capabilities to strengthen their defenses. The best practices noted above provide a framework for organizations to create or fine tune a strategy that enables them to maximize AI possibilities while effectively managing the associated risks.
Credit: Source link