CISA Guidance Highlights AI Risk in Operational Technology and Critical Infrastructure
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued new guidance warning that expanding use of AI—particularly generative AI tools—in operational technology (OT) can increase risk across critical infrastructure environments such as power, water, pipelines, and industrial processes. The guidance emphasizes that OT systems historically lag in cybersecurity maturity and are increasingly exposed as they become more internet-connected and integrated with Industrial IoT (IIoT) sensors and remote operations; it also flags organizational challenges such as OT security skill gaps and the likelihood of “shadow AI” use even where tools are formally restricted.
Separate industry commentary reinforced that AI adoption in OT is accelerating and will increasingly move from monitoring to recommendation and automated action, raising the stakes because failures can have physical consequences and cascading operational disruption. Additional perspectives highlighted broader cyber-physical resilience issues—arguing that enterprises often fail to integrate physical and cyber security programs effectively—and pointed to basic infrastructure dependencies (e.g., power redundancy and misconfigured backup power) as underappreciated factors that can turn outages into major security and safety incidents in converged IT/OT environments.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
CISA issues AI security guidance for critical infrastructure OT
CISA released new guidance warning that integrating AI into OT environments supporting critical infrastructure can create major safety and cybersecurity risks. The document, developed with domestic and international partners, set out four principles for safer AI adoption in industrial settings.
SC Media calls for closer integration of cyber and physical security teams
An SC Media commentary warned that growing hybrid threats are exposing a disconnect between cybersecurity and physical security teams, and urged organizations to apply shared practices such as vulnerability management, zero-trust concepts, and adversary-focused risk thinking across both domains.
SC Media warns AI adoption in OT demands stronger control and accountability
A separate SC Media analysis said AI adoption in OT and industrial control systems is becoming inevitable and requires explicit authority, visibility, intervention capability, and tighter remote-access controls to avoid unsafe autonomous actions.
SC Media highlights power redundancy as an overlooked OT cyber-physical risk
An SC Media commentary argued that many organizations, especially in healthcare manufacturing, neglect basic power redundancy while focusing on advanced cybersecurity controls, creating avoidable cyber-physical risk in OT environments.
NIST and MITRE announce $20 million for two AI Economic Security Centers
NIST, working with MITRE, announced a $20 million investment to create two AI Economic Security Centers: one to advance AI for U.S. manufacturing and another to help secure critical infrastructure from cyber threats.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
CISA Issues New AI Security Guidance for Critical Infrastructure
techrepublic.com
Open sourceThe concerning cyber-physical security disconnect | SC Media
scworld.com
Open sourceWhat AI forces us to confront in OT and critical infrastructure | SC Media
scworld.com
Open sourceWhy a simple power failure could be your company's biggest cyber threat | SC Media
scworld.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
CISA Guidance on AI Integration Risks in Operational Technology
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with international partners, has issued guidance warning operators of critical infrastructure and industrial control systems about the risks of rapidly integrating artificial intelligence into operational technology environments. The guidance includes high-level principles and a checklist of questions for vendors, emphasizing that AI should not be treated as a 'magical black box' but as software that introduces new attack surfaces and risks. CISA's recommendations urge organizations to consider secure-by-design practices and to thoroughly assess the security implications before deploying AI in OT systems. This advisory comes amid a surge in efforts by OT technology vendors to embed AI into their products over the past 18 to 24 months. The guidance highlights the need for proper risk management and governance, as the rush to adopt AI could expose critical infrastructure to new vulnerabilities if not carefully managed. Operators are encouraged to engage with vendors about their AI development and deployment practices to ensure robust security controls are in place.
Mar 21, 2026
Guidance for Secure AI Integration in Operational Technology
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Australian Signals Directorate’s Australian Cyber Security Centre and other international organizations, has released new guidance outlining principles for the secure integration of artificial intelligence (AI) into operational technology (OT) environments. The guidance addresses the unique risks posed by machine learning, large language models, and AI agents in critical infrastructure, emphasizing the need for education, risk assessment, governance, and embedding safety and security into AI-enabled OT systems. Key recommendations include continuous testing of AI models, regulatory compliance, and integrating AI into incident response plans to ensure the safety, security, and reliability of OT environments. This initiative comes amid a broader context of increasing cyber risks to industrial control systems (ICS) and OT, as highlighted by a significant rise in internet-exposed ICS devices and a surge in vulnerability disclosures across hundreds of vendors and products. CISA’s ongoing advisories and collaborative efforts underscore the urgency for critical infrastructure operators to adopt robust security practices, including those specific to AI integration, to defend against evolving threats targeting essential services and industrial environments.
Mar 21, 2026
AI Security Risks and Guidance for Critical Infrastructure and Enterprises
Recent developments highlight the growing security risks associated with the integration of artificial intelligence (AI) into enterprise and operational technology (OT) environments. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with several international partners, has released new guidance outlining key principles for the secure deployment of AI in OT systems, emphasizing the need for critical infrastructure operators to address unique risks such as process model drift and safety-process bypasses. This guidance is expected to influence regulatory approaches as organizations rapidly adopt AI technologies, often without sufficient security rigor. Concurrently, research from NVIDIA and Lakera AI has introduced a comprehensive framework for evaluating the safety and security of agentic AI systems, which autonomously plan and make decisions, revealing new classes of risks including prompt injection, memory poisoning, and tool misuse that can lead to harmful outcomes even when underlying models function as intended. Industry leaders and CISOs are increasingly recognizing the necessity of offensive security strategies and holistic approaches to address the evolving threat landscape, particularly as AI-driven attacks become more sophisticated. The energy sector, for example, faces heightened threats due to geopolitical tensions and the proliferation of AI-enabled attack tools, prompting calls for multilayered security concepts and proactive measures. As enterprises and critical infrastructure operators accelerate AI adoption, the convergence of new technical frameworks, regulatory guidance, and evolving security practices underscores the urgent need for robust, adaptive defenses against emerging AI-related threats.
Mar 21, 2026