Global cyber authorities release first unified guidance for AI in OT

As artificial intelligence becomes increasingly integrated into critical infrastructure systems, a new set of security challenges emerges at the intersection of AI and OT. Recently, a coalition of international cyber security agencies released comprehensive guidance on how to safely integrate AI into OT environments.

Why This Matters Now

Since ChatGPT's public release in late 2022, AI adoption has accelerated across industries. For critical infrastructure operators, AI promises increased efficiency, enhanced decision-making, and cost savings. However, integrating AI into environments that manage essential public services introduces significant risks that could affect safety, security, and reliability.

The guidance comes from nine international cybersecurity agencies, including CISA, NSA's AI Security Center, the FBI, and cyber security centers from Australia, Canada, Germany, the Netherlands, New Zealand, and the UK.

Four Core Principles

The guidance organises security considerations into four key principles:

1. Understand AI

Before deploying AI in OT environments, organisations must grasp the unique risks involved. These include cybersecurity vulnerabilities specific to AI systems (like prompt injection attacks), data quality challenges, model drift over time, and the inherent difficulty of explaining AI decisions.

Critical infrastructure operators should understand the secure AI development lifecycle, from design through deployment and ongoing maintenance, and ensure their personnel receive proper training on AI fundamentals and threat modeling.

2. Consider AI Use in the OT Domain

Organisations are recommended to carefully assess whether AI is truly the best approach for their specific needs, considering factors like security, performance, complexity, and cost.

3. Establish AI Governance and Assurance Frameworks

Effective governance requires commitment from senior leadership, input from OT and IT experts, and collaboration with cyber security teams. Suggestions include integrating AI security into existing frameworks rather than treating it as entirely separate.

This includes conducting regular security audits, implementing robust access controls, and performing thorough testing in non-production environments before deployment. Operators should also stay informed about evolving AI technical standards and regulatory requirements.

4. Embed Oversight and Failsafe Practices

The guidance emphasises "human-in-the-loop" decision-making, especially for critical operations. Organisations should establish monitoring mechanisms to detect anomalies, track AI system performance, and maintain audit trails.

Equally important are failsafe mechanisms that enable AI systems to fail gracefully without disrupting critical operations. Incident response plans should be updated to address both attacks against AI systems and AI system failures.

Real-World Application

The guidance provides practical examples, like using AI for predictive maintenance on industrial generators. Such implementations require careful consideration of historical data access, real-time processing capabilities, network bandwidth constraints, and success metrics tied to downtime reduction and cost savings.

Importantly, organisations should demand transparency from OT vendors about embedded AI capabilities, including software bills of materials, data usage policies, and the ability to disable AI features when needed.

The integration of AI into critical infrastructure is not a question of if, but how. The key is balancing innovation with security:

• Start with a clear business case that justifies AI use over traditional solutions

• Protect sensitive OT data throughout the AI lifecycle

• Maintain network segmentation and prefer push-based architectures

• Keep humans in the loop for critical decisions

• Test thoroughly in non-production environments

• Prepare for AI system failures as part of incident response planning

As AI technology evolves, so too will the security challenges. Critical infrastructure operators who follow these principles can harness AI's benefits while maintaining the safety and security their communities depend on.

The full guidance document, "Principles for the Secure Integration of Artificial Intelligence in Operational Technology," is available from CISA and includes detailed technical recommendations, risk mitigation strategies, and additional resources for critical infrastructure operators.