[ad_1]
Artificial Intelligence & Machine Learning
,
Attack Surface Management
,
Governance & Risk Management
Exclusion of OT From AI-Powered Vulnerability Discovery Poses Risks to National Security
Hyperscalers and other IT behemoths are on the list. Operational technology companies are not. The list in question is one of the most important in cybersecurity right now – the companies that have special access to powerful new models from the two major U.S. frontier artificial intelligence labs, Anthropic and OpenAI, to identify vulnerabilities before hackers get access to similar technology.
See Also: The Context Crisis: Cloud Security in the Age of AI
“None of the OT companies, none of the organizations that are most representative of that portion of the ecosystem are participating in this and are being represented,” said Tatyana Bolton, executive director of the Operational Technology Cybersecurity Coalition, a trade group that represents OT security companies and OT equipment manufacturers.
None of the half dozen specialist OT cybersecurity companies questioned by ISMG had been approached by either Anthropic or OpenAI. None are listed in public disclosures
Bolton told ISMG the exclusion is an oversight driven by a culture clash.
“When the big players get together, they are not thinking about small scale critical infrastructure operators, they are thinking about their peers. The other hyperscale businesses. When they think about critical infrastructure, they think about JP Morgan Chase, not about some rural water utility in Illinois.”
“It’s Silicon valley vs. rural America, different worlds,” she said.
Anthropic’s press office did not respond to repeated requests for comment. OpenAI’s press office did not respond by publication to a detailed summary of this story.
By restricting access to these advanced models, Anthropic’s Mythos and OpenAI’s GPT‑5.4‑Cyber, the labs say they’re giving defenders a head start – the chance to identify and remediate software flaws before AI models capable of finding and exploiting vulnerabilities become more widely available, and are used by attackers.
By excluding OT from the closed-door discussions about coordinated disclosure of AI-discovered vulnerabilities, the frontier labs are freezing out the sector that has the most to lose, Bolton said.
“OT has to be front and center in these conversations, because it is the biggest vulnerability that we have. It’s already being attacked by nation-state adversaries and the growing capabilities of AI models like Mythos will just supercharge that,” she said.
OT systems are designed to last decades, so security operates at a different rhythm, and according to different rules, added former CISA senior advisor Allan Friedman. But OT manufacturers are stakeholders, just like open-source maintainers and large, full spectrum cybersecurity companies. “Anything that can help critical infrastructure better defend itself is clearly going to be very valuable, especially if we’re in an era when adversaries are going to be using these tools as well,” he said.
Anthropic has pledged to engage in coordinated disclosure and has invited 40 open-source projects into its Project Glasswing. OpenAI’s Trusted Access for Cyber program is providing access to its most advanced models on a tiered basis, but promises that “thousands” of vetted and verified cybersecurity researchers will be able to use gain access.
But whatever processes the frontier labs develop for the disclosure and mitigation of AI-discovered vulnerabilities, probably won’t be optimal in the OT world, where vulnerabilities were often measured differently, explained Friedman, now a senior adjunct technical advisor at the Institute for Security and Technology.
OT security professionals have long complained that mainstream efforts to measure the severity of vulnerabilities don’t reflect the particular way that they manifest in OT systems.
“A process that works for the modern software industry and IT, probably wouldn’t work as a direct port over to OT either from the vendor perspective or from the customers and users. They have different needs and have a different reality in terms of how their technology is deployed and what counts as a vulnerability that is urgent and needs to be addressed, and then how it is addressed,” he said.
The frontier labs had to recognize the specific requirements of OT stakeholders, Friedman said. “It’s not just simply open spigot, dump data and assume that OT vendors are going to be in a position to be able to do all of the triage work themselves.”
Anthropic said it was working with the Apache Foundation and the Linux Foundation “to understand how vulnerability handling is different in open source compared to proprietary software,” said Friedman. “So they understand not all stakeholders are the same.”
Of course, access to the frontier models and a tailored vulnerability disclosure program wouldn’t end the upscale battle that OT cybersecurity often becomes. OT and IoT security vendor Armis “would love to get involved,” with either of the labs’ trusted access programs, said the company’s Chief Technology Officer for OT Carlos Buenano.
But he foresaw issues with resistance to the use of AI from vendors and their customers in the OT world. “Any OT vendor lags, in terms of really adopting this type of [AI] technology, because of the dynamics of the OT [marketplace.]”
OT equipment vendors that had offered security features sometimes found their customers reluctant to endure the necessary friction to adopt them. “That’s the sad reality,” he said.
That reality is made worse, one OT security industry executive said, by the designation of Anthropic as a supply-chain risk by Secretary of Defense Pete Hegseth. The ban allows the military to continue using Anthropic ban for up to six months.
“I think the administration shot themselves in the foot by banning Anthropic. We’re in this competition with China, with Russia and we can’t use one of the best tools there is.” Worse still, the designation was also having a “cascading effect” through the technology sector, making industry players reliant on federal business wary of associating with Project Glasswing (see: Pentagon’s Anthropic Fight Draws Rebuke From Ex-DOD Leaders).
[ad_2]
