Erkan Teskancan
Corporate
- Thread Author
- #1
As the manufacturing sector grapples with data disclosure and cyberattacks stemming from artificial intelligence (AI) agents, concerns among security professionals are mounting. The continuous adaptation of malware, in particular, further deepens these anxieties.
βββββββββββββββββββββββββ
π AI Usage and Data Disclosure Concerns π‘
According to Darktrace's recently published AI Cybersecurity Survey, approximately 78% of security professionals in the manufacturing sector are concerned that employees' use of AI agents could increase data disclosure and regulatory risks.
Oakley Cox-Robison, Director of Product at Darktrace, states, "The survey shows that manufacturing security managers are more acutely aware of the impact of data disclosure on their operations compared to other sectors. AI is only accelerating this situation."
Cox-Robison emphasizes that AI increases the risks of data leaks, and these leaks can be accidental or intentional.
βββββββββββββββββββββββββ
βοΈ Policy Deficiency and Preparedness Gap π
Another striking finding of the survey is that only 37% of companies have AI deployment policies. This highlights the significant gap between awareness of AI-generated risks and the secure adoption of the technology.
Cox-Robison notes that companies face challenges such as a lack of funding, resources, and policies in the process of AI adoption.
The key takeaway from the Darktrace report: AI-powered attacks are already affecting the manufacturing sector. 76% of participants state that their organizations have already encountered AI-driven cyber threats.
Furthermore, 90% believe that AI enhances the success of phishing and social engineering attacks, while 49% are concerned about malware that can evolve in real-time. This rate is above the cross-sector average.
The preparedness gap is growing; according to the Darktrace survey, 51% of participants state they are unprepared for AI-driven threats.
βββββββββββββββββββββββββ
π£οΈ Communication and Policy Change Are Essential π
According to Cox-Robison, one reason companies fall short in preparing for and mitigating attacks is a lack of communication and inadequate policy changes. He states that senior executives who encourage the use of AI-powered software do not always fully understand the risks associated with data breaches that these tools pose.
While security professionals are aware of the risks, senior management may not always be as informed, leading to implementation issues.
Cox-Robison adds, "It's such a fast-moving new area that security leaders feel very alone in understanding the implications of it. They know it's important, but they can't get past the unknown."
βββββββββββββββββββββββββ
π Data and Visibility Concerns π‘οΈ
Since data is required to train AI agents, granting access to business data and processes increases the risk of sensitive data disclosure. The Darktrace report reveals that this disclosure is a concern for 60% of participants, while 59% are concerned about accidental policy and regulatory violations.
Cox-Robison says that when implementing agents, data determines how well AI models are trained. Poor AI models result in poor operational efficiency and quality control, which is a risk manufacturers must contend with.
Technologies like generative AI, in particular, increase the potential for data leakage. This may be one reason why manufacturing security leaders understand the risks of AI adoption better than other sectors.
βββββββββββββββββββββββββ
π Solutions: Visibility, Context, and Guardrails π§
Addressing the AI implementation problem requires a different security approach that can operate at the same speed and scale as AI. Cox-Robison lists three priorities for manufacturing organizations: visibility, context, and guardrails.
Risks often stem from a lack of visibility of AI agents within manufacturing organizations. Visibility includes where agents are hosted and used, who is using them (human-to-agent and agent-to-agent identities), and monitoring the commands used in generative AI agents.
Visibility allows for the quantitative determination of risks, enabling real-time detection and policy enforcement.
In terms of context, detecting threats requires understanding patterns within the organization and instantly identifying deviations. This is supported by guardrails that must be embedded into systems, setting boundaries around actions that can be taken with agents.
Many manufacturers still rely on outdated security tools that cannot keep pace with the speed of attacks. Even with the adoption of AI in businesses, risks can increase.
"This will require a new generation of AI-powered security tools," says Cox-Robison. "It doesn't mean the starting point of the problem is very different, but it requires a shift in our mindset about how we're going to solve it."
