TL;DR: AI agents in OT security can perform reconnaissance, adapt lateral movement, and execute multi-stage attacks at machine speed across industrial environments, according to Elisity’s S4x26 analysis. Detection remains necessary, but identity-based containment and network-layer policy are becoming the decisive control when OT systems cannot run endpoint agents.
NHIMG editorial — based on content published by Elisity: AI Agents in OT Security, What S4x26 Revealed for 2026
By the numbers:
- 21.5% of OT organizations reported a cybersecurity incident in the past year.
- 64% year-over-year increase in ransomware attacks against industrial organizations.
- Only 13% of organizations have fully implemented ICS/OT-aware advanced security controls.
Questions worth separating out
A: They should enforce policy at the network layer using device identity, asset role, and protocol need rather than endpoint software.
Q: Why do AI agents make OT security harder than traditional malware?
A: AI agents can adapt reconnaissance and lateral movement in real time, which reduces the value of static signatures and fixed-response playbooks.
Q: What failure mode appears when OT teams rely too heavily on detection?
A: The failure mode is detection-response latency.
Practitioner guidance
- Map industrial trust paths by device identity Build a current inventory of PLCs, RTUs, HMIs, engineering workstations, and the protocols they use, then define communication policy from that identity map rather than from subnet location.
- Contain lateral movement at the network edge Enforce least-privilege communication through segmentation that does not rely on endpoint agents, because many OT assets cannot support them without operational risk.
- Align OT controls to IEC 62443 zones and conduits Use zones and conduits to define which device classes may talk to each other, then validate that the policy reflects actual process dependencies and safety boundaries.
What's in the full article
Elisity's full article covers the operational detail this post intentionally leaves for the source:
- A deeper walk-through of identity-based microsegmentation for OT networks without endpoint agents.
- The conference observations that shaped the argument, including the S4x26 discussions with CISOs and plant security leaders.
- The article's comparison of detection-first architectures versus network-layer containment in industrial environments.
- The practical discussion of how IEC 62443 zones and conduits map to modern OT segmentation choices.
👉 Read Elisity's analysis of AI agents in OT security and machine-speed threats →
AI agents in OT security: are your controls keeping up?
Explore further
Machine-speed attack behaviour is now a governance problem, not only a detection problem. The article's core point is that AI agents can compress reconnaissance, pivoting, and objective execution into timeframes that outpace human triage. That changes the security question from “Can we detect it?” to “What can this identity or device reach if it is compromised?” In OT, the answer depends on communication boundaries, device classification, and process ownership. Practitioners should treat containment as the primary control objective.
A question worth separating out:
Q: Which frameworks should guide OT segmentation against machine-speed attacks?
A: IEC 62443 should shape the industrial zones-and-conduits model, while NIST CSF and identity governance principles help define access boundaries and response expectations. The right question is not which tools to buy, but whether the communication model matches the process model and can still hold under adaptive attack.
👉 Read our full editorial: AI agents in OT security expose the limits of detection-first defense