Secure AI Adoption Framework for ICS/OT
About This Session
Join this session to learn about a new open community framework designed to provide structured guidance for the safe, secure, and compliant integration of Artificial Intelligence (AI) into ICS and OT environments.
As organizations plan to adopt AI for predictive maintenance, anomaly detection, and process optimization, this framework will address the critical challenges at the intersection of AI and industrial operations. It establishes governance structures and risk management approaches aligned with commonly accepted international standards. It also includes OT-specific considerations such as threat modeling approaches, explainability requirements for safety-critical decisions, and secure AI development practices.
Key components include operational safeguards for AI deployment, incident response procedures tailored to AI-specific failures, resilience mechanisms with fail-safe fallbacks, and regulatory alignment with industrial safety standards. The framework will also provide practical implementation guidance through a phased adoption roadmap and an application-based tool to help organizations navigate their compliance and guidance.
By addressing both technical and organizational challenges, this framework will enable organizations to responsibly leverage the potential of AI while maintaining the safety, reliability, and security of critical industrial infrastructure.
As organizations plan to adopt AI for predictive maintenance, anomaly detection, and process optimization, this framework will address the critical challenges at the intersection of AI and industrial operations. It establishes governance structures and risk management approaches aligned with commonly accepted international standards. It also includes OT-specific considerations such as threat modeling approaches, explainability requirements for safety-critical decisions, and secure AI development practices.
Key components include operational safeguards for AI deployment, incident response procedures tailored to AI-specific failures, resilience mechanisms with fail-safe fallbacks, and regulatory alignment with industrial safety standards. The framework will also provide practical implementation guidance through a phased adoption roadmap and an application-based tool to help organizations navigate their compliance and guidance.
By addressing both technical and organizational challenges, this framework will enable organizations to responsibly leverage the potential of AI while maintaining the safety, reliability, and security of critical industrial infrastructure.
Speakers
Clint Bodungen
Director, AI/ML Engineering - MorganFranklin Cyber
Clint Bodungen is a globally recognized ICS cybersecurity professional and thought leader with 30+ years of experience (focusing primarily on industrial cybersecurity, red teaming, and risk assessment), and has also worked in game development and AI for 10+years. He is the author of two best-selling books, "Hacking Exposed: Industrial Control Systems" and “ChatGPT for Cybersecurity Cookbook.” He is a United States Air Force veteran and has worked for notable cybersecurity firms like Symantec, Booz Allen Hamilton, and Kaspersky Lab, and is currently the Founder/Head of Product Innovation at ThreatGEN as well as the Director of AI/ML Engineering at MorganFranklin Cyber. Renowned for his creative approach to cybersecurity education and training, Clint has been at the forefront of integrating gamification and AI applications into cybersecurity training. He created “ThreatGEN® Red vs. Blue”, the world's first online multiplayer computer designed to teach real-world cybersecurity and “AutoTableTop”, which uses the latest generative AI technology to automate, simplify, and enhance IR tabletop exercises. As AI technology continues to evolve, he hopes to help revolutionize the cybersecurity industry using gamification and generative AI.
Suhail Ahmad Rana
Al Assurance and OT/Cybersecurity Professional - Independent AI Assurance and Cybersecurity/OT Professional
Suhail Ahmad Rana is a Cybersecurity GRC and AI assurance professional with almost two decades of experience, specializing in ICS and OT security, smart city projects, and the region’s largest electricity provider. He focuses on governance, risk, and compliance aligned with ISO 27001, ISA/IEC 62443, with local regulations and international standards. He holds CISM, CRISC, CISA, ISO 27001 Lead Auditor, ISO 42001 Lead Implementer, and ISACA’s Advanced in AI Audit (AAIA) certifications. He has published research on Retrieval Augmented Generation in cybersecurity and is developing AI governance frameworks for ICS environments.