{"id":8240,"date":"2026-05-22T10:00:00","date_gmt":"2026-05-22T10:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=8240"},"modified":"2026-05-22T10:00:00","modified_gmt":"2026-05-22T10:00:00","slug":"why-your-ai-strategy-stops-where-the-plc-starts-hard-lessons-from-the-ot-frontlines","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=8240","title":{"rendered":"Why your AI strategy stops where the PLC starts: Hard lessons from the OT frontlines"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>I spent two days at a substation connecting a major offshore wind farm to the grid. The control room featured three new AI-ready dashboards and a board mandate to \u201cleverage machine learning for resilience.\u201d It also had a maintenance laptop running Windows 7, literally taped to the inside of a cabinet because the Velcro had failed.<\/p>\n<p>That laptop was the only device in the building that could still talk to the legacy protection relays guarding the grid connection. No patches since 2017. No EDR. No path to an agent-based security model.<\/p>\n<p>I have walked into some version of this scene at energy utilities, automotive plants and pharma sites across sectors and borders for a decade. The dashboards change; the \u201cforgotten\u201d laptop stays. This is the massive visibility gap that no Large Language Model can close. According to the <a href=\"https:\/\/www.dragos.com\/ot-cybersecurity-year-in-review\">2026 Dragos OT Cybersecurity Year in Review<\/a>, fewer than 10 percent of OT networks worldwide currently have meaningful network monitoring in place. In 30 percent of last year\u2019s incident response cases, investigations started not with a detection alert, but with someone on the plant floor noticing that \u201csomething seemed wrong.\u201d<\/p>\n<p>If you are a C-level leader planning an AI-driven security strategy, you need to realize: your strategy won\u2019t fail because the AI isn\u2019t smart enough. It will fail because your most critical telemetry never reaches it.<\/p>\n<h2 class=\"wp-block-heading\">The inverted CIA triad: Where AI hallucinates risk<\/h2>\n<p>In IT, we prioritize confidentiality, integrity and availability. In OT \u2014 operational technology \u2014 the triad is flipped: availability is everything.<\/p>\n<p>This inversion is where AI-driven security tools quietly break. A model trained on enterprise telemetry \u2014 HTTP, DNS and Windows event logs \u2014 will look at a Modbus or PROFINET segment and flag perfectly normal industrial traffic as an anomaly. If that AI is wired into an automated response playbook, you\u2019ve built a system that can shut down a production line faster than any hacker.<\/p>\n<p>During a simulation I conducted for a Tier-1 automotive supplier, I watched a SOAR platform attempt exactly this. The IT lead was thrilled by the \u201cmillisecond response time.\u201d The plant manager went gray as he realized the AI had just simulated a six-figure-per-hour downtime event by isolating a critical PLC. In the industrial world, an automated \u201cisolate host\u201d command is often indistinguishable from a denial-of-service attack.<\/p>\n<h2 class=\"wp-block-heading\">Passive monitoring vs. poking the controller<\/h2>\n<p>When I have evaluated OT monitoring platforms like Nozomi Networks, Claroty or Microsoft Defender for IoT, the technical differences often mattered less than one critical question: does this tool require active queries?<\/p>\n<p>In a boardroom, \u201cactive scanning\u201d sounds efficient. In a running plant, poking a 15-year-old Siemens S7-300 or a Rockwell Automation controller to extract metadata can cause the device to crash. I\u2019ve seen half a shortlist eliminated because the vendors\u2019 AI engines required active polling that the operations director refused to sign off on.<\/p>\n<p>For AI to work in OT, it must be fed by passive network monitoring. You need the raw traffic from Level 0\u20132 of the <a href=\"https:\/\/www.isa.org\/standards-and-publications\/isa-standards\/isa-iec-62443-series-of-standards\">Purdue Enterprise Reference Architecture<\/a>, the layered model that defines the boundary between IT and OT systems. Without that telemetry, you are performing language modeling on an empty corpus. You aren\u2019t seeing the S7Comm or DNP3 protocols that actually manage the physical world.<\/p>\n<h2 class=\"wp-block-heading\">The crown jewels are simpler than you think<\/h2>\n<p>The projects I see succeed don\u2019t start with a 300-page AI roadmap. They start with a ruthless focus on what I call the crown jewels.<\/p>\n<p>I always ask plant managers the same question: which three processes can you absolutely not afford to lose for even an hour? At a power utility, it\u2019s not the billing system; it\u2019s the protection relays. At a pharma site, it\u2019s a single fermentation line. At an automotive plant, it\u2019s the welding cell that feeds the entire body shop.<\/p>\n<p>Once you identify these, the AI scope collapses from \u201ceverything\u201d to \u201cthe things that matter.\u201d We then apply virtual patching to protect the unpatchable Windows 7 machines and segment the network so the smart coffee machine in the breakroom \u2014 which receives more security updates than the industrial robots \u2014 cannot reach the human-machine interface.<\/p>\n<p>Here is the part that surprises most CIOs: the crown-jewel list is almost always shorter than the security team predicts and almost always longer than the operations team admits. At one site I worked with last year, security had counted 47 \u201ccritical\u201d systems on a spreadsheet. The plant director, after twenty minutes of honest conversation, named six. The other 41 were important, but they were not crown jewels. They didn\u2019t need real-time AI-driven anomaly detection. They needed monthly compliance reporting. Conflating those two requirements is how OT security budgets get burned without measurable risk reduction.<\/p>\n<h2 class=\"wp-block-heading\">The culture shift: From phishing to physics<\/h2>\n<p>The most productive workshop I ran this year didn\u2019t involve a single AI vendor. It was a tabletop exercise tracing a ransomware path from a phishing email to a contractor\u2019s USB stick, then into the maintenance laptop and finally the PLCs.<\/p>\n<p>We mapped it minute by minute. Minute zero: a procurement clerk opens an invoice attachment. Minute eight: the malware reaches the contractor\u2019s laptop on the office network. Minute fourteen: the contractor plugs the same laptop into the maintenance VLAN to update HMI firmware, just as he does every Tuesday. Minute twenty-three: the ransomware encrypts the engineering workstation. Minute thirty-one: the operators notice the screens going dark, but production keeps running on the PLCs themselves \u2014 because OT controllers don\u2019t need Windows to do their job. The illusion of normality holds for almost an hour. Then someone tries to push a setpoint change, and nothing happens.<\/p>\n<p>That was the moment that changed the room. The production head had spent the morning asking why we needed yet another security project. Now he was asking how long until they could actually detect minute eight, before the contractor\u2019s laptop ever touched the maintenance network. The IT lead, who had defended his \u201cpatch Tuesday at 2 a.m.\u201d ritual for years, finally understood why that ritual is an impossibility in a facility that runs 24\/7. Different vocabularies, same problem.<\/p>\n<p>For the first time in any meeting at that site, an OT manager and an IT manager left the room with a shared incident timeline rather than a shared blame map. That\u2019s what culture change in industrial security actually looks like \u2014 not a policy document, but a tabletop with enough specificity that nobody can hide behind their own jargon.<\/p>\n<h2 class=\"wp-block-heading\">Bottom line for CIOs and CSOs<\/h2>\n<p>With nation-state actors like Volt Typhoon increasingly using \u201cliving off the land\u201d techniques to embed themselves in critical infrastructure, as detailed in <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa24-038a\">recent CISA advisories<\/a>, the luxury of ignoring the factory floor is gone. AI can help us find these threats, but only if the telemetry is real. If you want AI to deliver real business value in industrial environments, the order of operations is non-negotiable.<\/p>\n<p>First, inventory: map the floor, not the slides. Second, segmentation: kill the routes from the breakroom to the PLC. Third, passive telemetry: feed the AI with real industrial protocols from Purdue Levels 0\u20132. Then, and only then, layer the language model on top.<\/p>\n<p>Skip these, and you\u2019ve built a very expensive dashboard for a network you still cannot see.<\/p>\n<p><strong>This article is published as part of the Foundry Expert Contributor Network.<\/strong><br \/><strong><a href=\"https:\/\/www.csoonline.com\/expert-contributor-network\/\">Want to join?<\/a><\/strong><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>I spent two days at a substation connecting a major offshore wind farm to the grid. The control room featured three new AI-ready dashboards and a board mandate to \u201cleverage machine learning for resilience.\u201d It also had a maintenance laptop running Windows 7, literally taped to the inside of a cabinet because the Velcro had [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":8241,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-8240","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8240"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8240"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8240\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/8241"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}