New data from Darktrace shows that manufacturers are rapidly embedding AI into production scheduling, quality inspection, logistics optimization and predictive maintenance systems, but the pace of adoption is exposing factory environments to cyber risks that many organizations are not prepared to manage. Agentic systems are powerful because they operate with a high degree of autonomy, but that same independence also introduces significant cyber and operational risk. These agents often hold broad permissions and can execute complex tasks, make decisions, and interact with enterprise tools or external systems with minimal human oversight, expanding the potential impact of misuse, compromise, or unintended actions.
“Unlike traditional AI models that perform predefined tasks, AI agents use advanced techniques to mimic human decision-making processes, dynamically adapting to new challenges, making decisions and taking action based on their own judgment,” Oakley Cox, director of product at Darktrace, wrote in a Thursday blog post. “They look like employees operationally, but lack judgment, ethics, or fear of consequences like humans do. This means they can be easily manipulated by cybercriminals, and an AI agent embedded across an OT network creates threats that extend well beyond data exposure.”
Cox added that adopting agentic AI systems across manufacturing raises concerns among security teams. “New data from our State of AI Cybersecurity survey shows that 78% of manufacturing security professionals are worried about employee use of AI agents – their top concern. That’s followed by employee use of generative AI tools like Copilot and ChatGPT, a worry for 76% of security professionals at manufacturing organizations.”
As these tools gain more access to business data and processes, and more autonomy within organizations, security teams, which today have minimal visibility into agent activity in their environments, are increasingly concerned about sensitive data exposure (a worry for 60%) and accidental policy and regulatory violations (59%).
Darktrace recognized that manufacturers are seeing the impact of AI-driven cyber threats as attackers increasingly use AI to automate reconnaissance, sharpen targeting, and adapt attacks in real time. What once required significant time, coordination, and manual effort can now be carried out continuously and at scale, allowing hackers to identify vulnerabilities faster, personalize phishing and social engineering campaigns, and move more efficiently across interconnected IT and OT (operational technology) environments.
“According to manufacturing security professionals we surveyed, 76% are already being impacted by AI-powered threats and 90% see AI increasing the success of social engineering attacks,” Cox wrote. “And the techniques themselves are evolving. Concerns across the manufacturing sector show growing anxiety about the range of AI-powered attack routes, most pressingly of adaptive malware that evolves in real-time – a prospect half (49%) of manufacturing security professionals we surveyed are worried by, a full 9% more than the average across industries.”
Adaptive malware is followed by automated vulnerability scanning and exploit chaining (48%), which has become even more pressing as Anthropic’s new Mythos AI model accelerates vulnerability discovery. Hyper-personalized phishing campaigns (46%) also remain a mainstay in attackers’ arsenals, with AI amplifying their effectiveness by making phishing emails more convincing, targeted, and difficult to detect.
Despite rising awareness, many manufacturers are not yet equipped to manage this shift. More than half (51%) say they are not adequately prepared for AI-driven threats, and only 37% have formal policies governing AI deployment.
Cox highlighted that the rise of agentic AI is transforming manufacturing by powering next-generation operations while reshaping the security landscape. This is not just an increase in threats, but a shift to autonomous systems, continuously evolving behaviors, and risks moving at machine speed. For organizations trying to grapple with the challenge of enabling AI while managing the risk, visibility, context and guardrails should be foundational.
Securing AI through visibility, context, and guardrails requires manufacturers to rethink how security operates in increasingly AI-driven environments. The answer is not to slow innovation, but to adopt security approaches capable of operating at the same speed, scale, and complexity as AI itself. For manufacturers looking to capitalize on AI’s potential without expanding operational risk, three priorities are emerging. Visibility is foundational because organizations cannot secure AI systems, data flows, or autonomous processes that are not fully visible or understood.
“Organizations need to understand where AI is being used, what it can access, and how it behaves across both IT and OT environments. Without that, risk cannot be measured or managed,” Cox wrote. “It is no surprise that Darktrace’s research found that 91% of manufacturing security professionals said that they need to understand how AI makes decisions before trusting it. This is even more critical in operational settings where disruption has safety, environmental, financial, and reputational impacts. Context is what turns visibility into action.”
The post mentioned that in environments shaped by AI, normal behavior is constantly shifting. “Detecting threats requires a behavioral approach; understanding patterns of life across the organization and identifying subtle deviations in real time – a step change in organizations’ traditional approach to security and risk management. Guardrails ensure that agency does not become exposure.”
As AI systems take on greater responsibility, organizations need clear boundaries around what they can do and when they can act independently. These controls must be embedded into systems themselves, not applied after the fact.


