The promise and pitfalls of AI in critical national infrastructure

AI is already being put to use across critical national infrastructure (CNI). The technology is used for forecasting, maintenance and asset management, grid and network optimisation, and is even becoming an integral part of customer service. And there is scope to do so much more. There is little doubt that AI has the potential to transform CNI in the future.

However, as with any new technology, AI also comes with risks. There are major concerns over whether CNI sectors have the necessary digital maturity to adopt AI safely, with modernisation across many of these sectors being in the relatively early stages. Further complicating matters is the absence of mature, field‑proven governance frameworks for managing AI, particularly for Operational Technology (OT) environments. This not only creates tension between opportunity, and safety, but also leaves organisations without clear guardrails for adoption.

Shying away from AI would be a missed opportunity. But, as CNI sectors are essential to societal safety, the technology must be implemented with great care and consideration.

The convergence of OT and IT

The UK defines 13 sectors as CNI, including energy, water and transport. Many of these industries, particularly the likes of energy, are still in the relatively early-to-mid-stages of modernisation. A significant part of this modernisation drive involves grappling with vast operational technology (OT) networks and navigating the convergence of OT and IT systems. This alone is a huge task and, while it brings a myriad of benefits, such as improved efficiencies and greater data insights, it also comes with risks. Specifically, OT/IT convergence drastically increases the attack surface, with systems that had previously been offline now exposed to cyber threats.

A concern here is that if these industries have not yet navigated OT/IT convergence, introducing AI to the equation could do more damage than good. Over-indexing on AI – implementing too much, too soon – could potentially create a ‘running before we can walk’ scenario. Attacks on OT are already on the rise; our Security Navigator Report found a startling 39% increase in cyber-attacks impacting OT systems between 2023 and 2024, compared to the entire 35 years prior. If AI is introduced carelessly, it could become another vector for attackers to gain access to these critical networks.

The risks of AI in CNI

There are many ways attackers could exploit AI. Agentic AI, for instance, can be made up of multi-agent systems deployed over interfaces with inevitable vulnerabilities. Attackers may look to gain access and steal the sensitive information models hold for malicious purposes – such as causing mass disruptions to a country’s water or energy supply.

Increased autonomy in generative AI means hackers can employ prompt injections to elicit unexpected behaviour in an LLM, circumventing its alignment policy and potentially generating unwelcome or compromising responses. Examples of attack methods range from context switching and data poisoning, to concealing harmful code and prompts within input data; all of which can lead to unauthorised content generation or mass service disruption.

Moreover, relying too heavily on AI for decision-making within any industry is risky, as LLMs can hallucinate and provide incorrect responses. AI agents can ‘go rogue’ because of incorrect data, poor training or lack of controls. None of it is foolproof yet. And the more reach the AI has through agents and integration, the greater the potential for things to go wrong.

With great innovation comes great responsibility

However, amid all these risks, there is still huge potential for AI to positively transform CNI sectors, like energy. It’s widely accepted that AI could be used to ensure grid continuity, to obtain greater predictive insights through Digital Twins, and to even autonomously run and maintain networks. As such, it’s not necessarily a question of ‘if’ AI should be implemented into CNI, but rather ‘how’ and ‘when’.

Alignment with established standards, such as ISA/IEC 62443 and NIST SP 800-82, and existing frameworks like NCSC CAF, should underpin AI deployments to ensure zoning, risk management and change control are rigorously applied. Strong segmentation and one-way data flows should also be adopted to prevent AI platforms in IT from becoming a conduit back into control networks.

However, as the regulatory landscape continues to evolve, CNI organisations must also adopt proactive measures to secure AI roll-out. The key to effectively leveraging AI’s potential is to take both a security-first and human-centric approach, which ensures automated decisions are transparent and aligned with both regulatory requirements and organisational objectives. This approach is what we call “Secure Automated Decision-Making”, and it harnesses AI’s potential whilst maintaining human oversight to truly enhance the quality of decision-making.

Industry & Government-led initiatives

On a broader scale, we are seeing an increasing number of government-led initiatives in the UK to tame the AI threat and tap into its potential safely. Skills England recently unveiled a new AI Skills Framework, Adoption Pathway and Employer Checklist to support wider and more responsible AI use across 10 priority sectors, including Clean Energy Industries. Ofgem called for input on a proposal to create an Ofgem AI technical sandbox to test AI’s uses in the energy sector and the ONR was awarded funding to develop AI using sandboxing, and we’re also seeing similar initiatives happening in the EU.

Sandboxing will be a crucial step for AI in CNI, allowing organisations to test it safely in sandbox and shadow mode before deploying and scaling in real-world environments. Government-funded testbeds for OT systems could also significantly influence the responsible roll-out of AI, and should be complemented with mandated swift reporting of AI incidents. Setting up sector communities or forums, such as the UK’s Cyber-security Information Sharing Partnership (CISP) could also play a pivotal role in ensuring industry-wide knowledge sharing, both of breakthroughs and of near-misses or all out incidents caused by AI.

AI holds a great deal of potential to transform the CNI sector, yet the risks it introduces cannot be ignored. To navigate this tension between innovation and safety, CNI sectors must take a cautious approach to AI implementation, with transparent decision-making and testing, and keeping the human within the loop. To secure our AI-ready future, the mandate must be to innovate with intent, and to govern with urgency.