{"id":121686,"date":"2024-02-16T06:04:07","date_gmt":"2024-02-16T06:04:07","guid":{"rendered":"https:\/\/www.controleng.com\/articles\/artificial-intelligence-in-cybersecurity\/"},"modified":"2025-04-23T19:00:46","modified_gmt":"2025-04-24T00:00:46","slug":"artificial-intelligence-in-cybersecurity","status":"publish","type":"post","link":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/","title":{"rendered":"Artificial intelligence in cybersecurity"},"content":{"rendered":"<h2>Cybersecurity insights<\/h2>\n<ul>\n<li>AI and machine learning are increasingly being used in cybersecurity for algorithmic detection of threats, with Lesley Carhart of Dragos highlighting their application in identifying outliers and automating data analysis beyond human capability.<\/li>\n<li>The rise of AI technologies also presents new avenues for threat actors, enabling them to leverage AI tools for crafting attacks, including the generation of malicious configurations for industrial control systems without in-depth knowledge.<\/li>\n<li>AI&#8217;s integration into cybersecurity is lowering the barrier to entry for attacks on industrial control systems, with standardized processes and technologies alongside new informational resources making it easier for attackers to disrupt complex operational technologies.<\/li>\n<\/ul>\n<hr \/>\n<p><iframe loading=\"lazy\" title=\"Bridging the Gap: Lesley Carhart on AI in Cybersecurity\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/loszGl3EuZI?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>The use of artificial intelligence (AI) has skyrocketed across almost every industry vertical, and cybersecurity is no different. On trade show floors, every cyber solutions provider seems to be offering some sort of AI solution for both companies and individuals.<\/p>\n<p>Recently, <em>ICS Pulse<\/em> sat down with Lesley Carhart to discuss the proliferation of AI in cybersecurity. Carhart is the director of ICS cybersecurity incident response at Dragos, where she leads response to and proactively hunts for threats in customer ICS environments. They&#8217;re retired from the U.S. Air Force Reserves and are a very in-demand speaker and dedicated teacher.<\/p>\n<p>\u201cAI is kind of this ambiguous, imposing buzzword right now that&#8217;s being thrown around everywhere in sales and in technology. Really, where you see it today is in our tooling for cybersecurity. First of all, in terms of machine learning and algorithmic detection of bad stuff,\u201d said Carhart. \u201cMachine learning usually involves big data and a lot of mathematics to get to a result, to figure out what&#8217;s most common, least common, what stands out statistically, the things that are outliers, because those can be interesting to detect bad stuff.\u201d<\/p>\n<p>To put this into layman\u2019s terms, a lot of the touted \u201cAI\u201d solutions aren\u2019t AI at all: They\u2019re machine learning, or even just automation. It\u2019s using computers to detect \u201ccomputer stuff\u201d on a large scale, larger than our human brains can process quickly, according to Carhart.<\/p>\n<h2>How threat actors can use AI<\/h2>\n<p>With the rise of AI, there has also been a growing concern about how threat actors will use it.<\/p>\n<p>\u201cIt&#8217;s always been there in the background in the last decade of me working in cybersecurity,\u201d Carhart said.<\/p>\n<p>Cybersecurity deals with a lot of data detections, behaviors, emails and people using their computers in different ways, which generates a ton of forensic information, according to Carhart. It\u2019s difficult as a single human being, or even as a small team of humans, to go through all that information and find what&#8217;s abnormal. There have always been computers helping process all of this data, but now we&#8217;re starting to see adversaries leverage those tools, too. According to Carhart, that\u2019s expected. It&#8217;s a constant cat and mouse game between defenders and attackers, and we see the attackers leveraging those same tools to manipulate and process data.<\/p>\n<p>\u201cWe&#8217;re also seeing things in the terms of like ChatGPT being used in attacks because it&#8217;s good at generating computer stuff in a very general functional way,\u201d Carhart said. \u201cWhat we&#8217;ve seen in the industrial space is attackers starting to explore generating malicious configurations for industrial equipment they might not personally understand because that data is out there floating on the internet somewhere.\u201d<\/p>\n<p>Part of this has to do with ladder logic for various systems and how to program processes are so similar that it\u2019s easy for threat actors to do something nefarious. According to Carhart, people are starting to look at, &#8220;Can we tell this process to do something nefarious without actually knowing how to program the PLCs in that process ourselves?&#8221; It\u2019s a very legitimate way to generate computer code that&#8217;s functional from all those bits of data floating around.<\/p>\n<h2>AI and industrial control systems<\/h2>\n<p>Even more importantly, AI is making the threat actor\u2019s job easier when attacking industrial control systems.<\/p>\n<p>\u201cI think there&#8217;s a confluence of things right now that are lowering the barrier to entry in industrial cyberattacks,\u201d said Carhart.<\/p>\n<p>Part of that is the normalization of processes and technology in operational technology (OT). People are using a lot of the same PLCs from the same manufacturers and making the same errors across verticals, according to Carhart. This has created a more normalized, homogenous attack surface. We also see new sources of information, from both AI and repositories like Shodan on the internet, that are making it easier for people to learn how to conduct attacks against processes.<\/p>\n<p>\u201cThe challenge hasn&#8217;t been, it&#8217;s hard to program a PLC. You can go out and learn how to do that tomorrow. The challenge is processes are complicated, generating power is complicated, distributing power and oil and gas, very complicated,\u201d Carhart said. \u201cUnderstanding how to tamper with those processes in a way that actually causes an impact is very hard. But, again, with the confluence of things that are happening, it&#8217;s getting a little bit easier to do those types of things.\u201d<\/p>\n<p>Watch the video for additional insights and thoughts from Carhart.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The use of artificial intelligence has skyrocketed across almost every industry vertical, and cybersecurity is no different.<\/p>\n","protected":false},"author":1386,"featured_media":121687,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pgc_sgb_lightbox_settings":"","footnotes":""},"categories":[104076],"tags":[],"tracking-metrics":[],"display-location":[],"class_list":{"2":"type-post"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Artificial intelligence in cybersecurity - Control Engineering<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Artificial intelligence in cybersecurity - Control Engineering\" \/>\n<meta property=\"og:description\" content=\"The use of artificial intelligence has skyrocketed across almost every industry vertical, and cybersecurity is no different.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\" \/>\n<meta property=\"og:site_name\" content=\"Control Engineering\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ControlEngineeringMagazine\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-16T06:04:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-24T00:00:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"645\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Tyler Wall\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@controlengtips\" \/>\n<meta name=\"twitter:site\" content=\"@controlengtips\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tyler Wall\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\"},\"author\":{\"name\":\"Tyler Wall\",\"@id\":\"https:\/\/www.controleng.com\/#\/schema\/person\/13c3feb6b8370a333c2ecd46047acd8c\"},\"headline\":\"Artificial intelligence in cybersecurity\",\"datePublished\":\"2024-02-16T06:04:07+00:00\",\"dateModified\":\"2025-04-24T00:00:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\"},\"wordCount\":877,\"publisher\":{\"@id\":\"https:\/\/www.controleng.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png\",\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\",\"url\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\",\"name\":\"Artificial intelligence in cybersecurity - Control Engineering\",\"isPartOf\":{\"@id\":\"https:\/\/www.controleng.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png\",\"datePublished\":\"2024-02-16T06:04:07+00:00\",\"dateModified\":\"2025-04-24T00:00:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage\",\"url\":\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png\",\"contentUrl\":\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png\",\"width\":645,\"height\":350,\"caption\":\"Courtesy: CFE Media and Technology\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.controleng.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Artificial intelligence in cybersecurity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.controleng.com\/#website\",\"url\":\"https:\/\/www.controleng.com\/\",\"name\":\"Control Engineering\",\"description\":\"Control Engineering covers and educates about automation, control and instrumentation technologies\",\"publisher\":{\"@id\":\"https:\/\/www.controleng.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.controleng.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.controleng.com\/#organization\",\"name\":\"Control Engineering\",\"url\":\"https:\/\/www.controleng.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.controleng.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/12\/ce_logo.png\",\"contentUrl\":\"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/12\/ce_logo.png\",\"width\":300,\"height\":93,\"caption\":\"Control Engineering\"},\"image\":{\"@id\":\"https:\/\/www.controleng.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ControlEngineeringMagazine\",\"https:\/\/x.com\/controlengtips\",\"https:\/\/www.linkedin.com\/company\/control-engineering-magazine\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.controleng.com\/#\/schema\/person\/13c3feb6b8370a333c2ecd46047acd8c\",\"name\":\"Tyler Wall\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.controleng.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9c6c547bf943b98603c4392025af2612f9a4ea7b8a5637dc19b1e3f69a7ff63c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9c6c547bf943b98603c4392025af2612f9a4ea7b8a5637dc19b1e3f69a7ff63c?s=96&d=mm&r=g\",\"caption\":\"Tyler Wall\"},\"url\":\"https:\/\/www.controleng.com\/author\/tyler-wall\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Artificial intelligence in cybersecurity - Control Engineering","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/","og_locale":"en_US","og_type":"article","og_title":"Artificial intelligence in cybersecurity - Control Engineering","og_description":"The use of artificial intelligence has skyrocketed across almost every industry vertical, and cybersecurity is no different.","og_url":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/","og_site_name":"Control Engineering","article_publisher":"https:\/\/www.facebook.com\/ControlEngineeringMagazine","article_published_time":"2024-02-16T06:04:07+00:00","article_modified_time":"2025-04-24T00:00:46+00:00","og_image":[{"width":645,"height":350,"url":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png","type":"image\/png"}],"author":"Tyler Wall","twitter_card":"summary_large_image","twitter_creator":"@controlengtips","twitter_site":"@controlengtips","twitter_misc":{"Written by":"Tyler Wall","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#article","isPartOf":{"@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/"},"author":{"name":"Tyler Wall","@id":"https:\/\/www.controleng.com\/#\/schema\/person\/13c3feb6b8370a333c2ecd46047acd8c"},"headline":"Artificial intelligence in cybersecurity","datePublished":"2024-02-16T06:04:07+00:00","dateModified":"2025-04-24T00:00:46+00:00","mainEntityOfPage":{"@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/"},"wordCount":877,"publisher":{"@id":"https:\/\/www.controleng.com\/#organization"},"image":{"@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png","articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/","url":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/","name":"Artificial intelligence in cybersecurity - Control Engineering","isPartOf":{"@id":"https:\/\/www.controleng.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage"},"image":{"@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png","datePublished":"2024-02-16T06:04:07+00:00","dateModified":"2025-04-24T00:00:46+00:00","breadcrumb":{"@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#primaryimage","url":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png","contentUrl":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/11\/ICSP2402_BtG_Carhart-1.png","width":645,"height":350,"caption":"Courtesy: CFE Media and Technology"},{"@type":"BreadcrumbList","@id":"https:\/\/www.controleng.com\/artificial-intelligence-in-cybersecurity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.controleng.com\/"},{"@type":"ListItem","position":2,"name":"Artificial intelligence in cybersecurity"}]},{"@type":"WebSite","@id":"https:\/\/www.controleng.com\/#website","url":"https:\/\/www.controleng.com\/","name":"Control Engineering","description":"Control Engineering covers and educates about automation, control and instrumentation technologies","publisher":{"@id":"https:\/\/www.controleng.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.controleng.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.controleng.com\/#organization","name":"Control Engineering","url":"https:\/\/www.controleng.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.controleng.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/12\/ce_logo.png","contentUrl":"https:\/\/www.controleng.com\/wp-content\/uploads\/2024\/12\/ce_logo.png","width":300,"height":93,"caption":"Control Engineering"},"image":{"@id":"https:\/\/www.controleng.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ControlEngineeringMagazine","https:\/\/x.com\/controlengtips","https:\/\/www.linkedin.com\/company\/control-engineering-magazine\/"]},{"@type":"Person","@id":"https:\/\/www.controleng.com\/#\/schema\/person\/13c3feb6b8370a333c2ecd46047acd8c","name":"Tyler Wall","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.controleng.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9c6c547bf943b98603c4392025af2612f9a4ea7b8a5637dc19b1e3f69a7ff63c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9c6c547bf943b98603c4392025af2612f9a4ea7b8a5637dc19b1e3f69a7ff63c?s=96&d=mm&r=g","caption":"Tyler Wall"},"url":"https:\/\/www.controleng.com\/author\/tyler-wall\/"}]}},"_links":{"self":[{"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/posts\/121686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/users\/1386"}],"replies":[{"embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/comments?post=121686"}],"version-history":[{"count":0,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/posts\/121686\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/media\/121687"}],"wp:attachment":[{"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/media?parent=121686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/categories?post=121686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/tags?post=121686"},{"taxonomy":"tracking-metric","embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/tracking-metrics?post=121686"},{"taxonomy":"display-location","embeddable":true,"href":"https:\/\/www.controleng.com\/wp-json\/wp\/v2\/display-location?post=121686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}