Many organizations are operating on legacy operational technology (OT) networks that were never designed for AI-driven automation. While AI can optimize production planning, predictive maintenance, and supply chains, outdated networks leave manufacturers vulnerable to cyberattacks.
A recent TXOne survey found that over half of their OT environments still rely on legacy systems. Meanwhile, IDS-INDATA analysis shows a 20% year-on-year increase in supply chain attacks, with legacy systems being particularly exposed. The National Cyber Security Centre (NCSC) also warns that AI “will almost certainly continue to make elements of cyber intrusion operations more effective and efficient.”
AI is now both an operational advantage and a potential adversary.
Manufacturers that modernize their networks and embed security and compliance early will be the ones who capture AI’s productivity gains while minimizing its risks. With the right foundations, AI can be harnessed confidently.
Here are 4 priorities manufacturers must address before deploying AI.
1. Ensure complete asset visibility and data integrity
AI can only make safe, effective decisions if it has a complete, verified view of all connected devices, data flows, and operational conditions. Without this, mistakes can lead to downtime, production errors, or cascading failures.
Manufacturers should focus on:
- Comprehensive OT/IT asset discovery
- Real-time system monitoring
- Strict data quality and validation controls
Nearly 70,000 OT devices worldwide are exposed to the public internet, many running outdated firmware with known vulnerabilities. Full visibility and trusted data are essential to safe AI deployment.
2. Embed security across IT and OT to support autonomous systems
Legacy networks weren’t built for autonomous systems. Security must be designed in from the start, or manufacturers risk exposing industrial systems to AI-powered malware and precision attacks.
Key steps include:
- Network segmentation and secure remote access
- Continuous threat detection
- Ongoing vulnerability management
Legacy factories weren’t designed for connectivity or cybersecurity, according to Info-Tech Research, underlining the need for embedded security.
3. Established strong governance, compliance, and AI auditability
AI introduces new responsibilities around data handling, decision transparency, and change control. Weak or missing governance increases exposure to regulatory breaches (NIS2, machinery safety, data protection), legal liability, and failed audits.
Manufacturers must establish:
- Structured AI governance and audit logging
- Model traceability and formal change approvals
- Compliance frameworks aligned with industry standards
UK regulators emphasize that AI systems require a clear line of accountability across the AI life cycle, making governance and auditability non-negotiable.
4. Build resilience for emerging AI-enabled cyber threats
Cybercriminals are already using AI to accelerate reconnaissance and automate attacks. Without layered resilience, intrusions can spread quickly across interconnected OT environments, halting production or corrupting system logic.
Effective resilience requires:
- Incident response planning and protected backups
- Micro-segmentation and anomaly detection
- Rapid isolation capabilities to maintain uptime
The NCSC notes that AI is making reconnaissance more effective, efficient, and harder to detect, highlighting the urgency of proactive resilience.
Modernizing networks unlocks AI’s benefits
Manufacturers shouldn’t see this as a barrier to AI adoption. With the right network foundations, visibility, embedded security, and strong governance, AI can deliver huge gains safely. Most issues stem from legacy networks, not AI itself.
Manufacturers already reassessing their operational technology security through segmentation, monitoring, and executive oversight are best positioned to deploy AI confidently, capturing productivity gains without increasing cyber or compliance risk.
