CISA executive warns OT sector: AI ‘lowers barriers to entry’ for cyberattacks

WASHINGTON — Following reporting on an AI-orchestrated cyberespionage campaign involving Anthropic’s Claude model, CISA’s cybersecurity chief is urging the operational technology (OT) sector to prepare for a faster, higher-volume threat environment. In a conversation on the Cyber Focus podcast, CISA’s Executive Assistant Director for Cybersecurity Nick Andersen said the basics of defense still apply, but attackers can now scale in ways defenders aren’t used to absorbing.

“This is just the next evolution in continuing to sort of reduce cost and barriers to entry for people that want to be malicious actors in cyberspace,” Andersen said.

The discussion comes as Washington weighs the implications of Anthropic’s disclosure and a related House Homeland Security joint subcommittee hearing this week examining how attackers can bypass model safeguards. Andersen said the incident’s “firstness” should be treated as a wake-up call for infrastructure operators, not a one-off curiosity.

He framed the practical shift as “scope, scale and velocity” — AI-enabled tooling that can compress timelines from reconnaissance to exploitation and drive a “volumetric increase” in activity from both nation-states and criminal groups.

Safety first, but control is key

For OT owners and operators — where cyber incidents can have real-world consequences — Andersen stressed that AI can be a force multiplier, but only with disciplined governance. “We still think it’s incredibly important for humans to remain in the loop,” he said, arguing that the goal is to help defenders “move a little bit faster” and make “smarter decisions faster,” not to automate judgment out of the system.

That governance starts with hard choices about autonomy. OT operators, Andersen said, “are going to have to have some … really tough conversations … about what control are they willing to give away” to automated systems. In critical infrastructure settings, he added, “safety and security has to come first,” and OT’s safety-driven culture should shape how organizations adopt AI — including what data systems can access, what they can change, and what requires human approval.

Breaking down legal barriers

Andersen also argued that AI-driven speed raises the cost of hesitation, especially when companies delay sharing suspicious activity because of legal exposure or reputational risk. CISA, he said, needs an environment where operators “feel comfortable raising their hand and saying we see something that’s going on,” rather than letting disclosures get “bogged down in a legal review for three and a half months.”

He said long-term clarity around information sharing protections — including reauthorization of “elements like CISA 2015” — can help, but culture matters as much as statute: Early reporting should be treated as responsible behavior, not failure.

A unified defense

Andersen warned that defenders face opponents with focus. “Our adversary has a pretty clear eyed view of what they’re trying to achieve,” he said, describing objectives that include “discord and societal panic” alongside technical impact.

To sustain public confidence, Andersen said government and industry have to operate as partners and show progress transparently. “That’s the only way we’re going to get to the point where the American people are going to have any confidence that we’ve got their backs here,” he said.

For OT operators, he added, the stakes are ultimately about trust: Americans “expect the lights to come on when they flip on a light switch.” In an AI-accelerated threat environment, Andersen’s message was to resist silver-bullet claims, keep humans accountable, and treat governance and safety discipline as the front line.

Get the full episode and subscribe to the Cyber Focus podcast here.