The defender’s curse, finally tilting
For most of my career in OT cybersecurity, the defenders have been outgunned. Small teams. Legacy systems we couldn’t patch. Industrial protocols designed in an era when “remote access” meant a serial port and a guy with a clipboard. Adversaries who only needed to be right once while we needed to be right every time, on every node, forever.
AI changed the math. Not gradually. All at once.
I want to be specific about what changed, because the “AI changes everything” line has become a slogan that means nothing. The actual mechanic is this: AI gives the defender, for the first time in the history of the field, a tool that scales with effort the way the attacker’s tools always have.
A nation-state actor spends a month writing a new dropper, they can throw it at ten thousand targets. We used to spend that same month writing one playbook for one client. Now a single senior engineer with a sharp model can write playbooks at the pace the attackers write payloads. The asymmetry is finally bending the other way.
That bend is the entire story of Part 1.
I’m going to walk through where the bend is showing up in cybersecurity, in operational technology, in the tech stack underneath both, and in the careers of the people who do this work. I’m going to lean on guests I’ve had on the show recently. Peter Schawacker, Clark Liu, Ken Foster. They’re operators, not pundits, and what they’re seeing in 2026 lines up with what I’m seeing in the field.
And I’m going to engage directly with Marc Andreessen’s Techno-Optimist Manifesto, because he wrote the loudest version of the case I want to make, and the parts where he overshoots are worth being honest about even when you agree with the spine.
This is the optimistic half. The hard part comes in Part 2. Both halves are true at the same time, and you need both to make a real decision about what to do next.
Your prompts are leaving out 80% of what you're thinking.
When you type a prompt, you summarize. When you speak one, you explain. Wispr Flow captures your full reasoning — constraints, edge cases, examples, tone — and turns it into clean, structured text you paste into ChatGPT, Claude, or any AI tool. The difference shows up immediately. More context in, fewer follow-ups out.
89% of messages sent with zero edits. Used by teams at OpenAI, Vercel, and Clay. Try Wispr Flow free — works on Mac, Windows, and iPhone.
What Andreessen got right
The line in the manifesto that I keep coming back to is this one:
“We believe intelligence is the ultimate engine of progress. Intelligence makes everything better. Smart people and smart societies outperform less smart ones on virtually every metric we can measure.”
He’s not making a metaphysical argument. He’s making an operational one. The thing in short supply in cybersecurity is not budget, not tools, not frameworks. It’s applied intelligence per problem. We have NIST CSF 2.0. We have CIS Controls v8.1. We have ISO 27001 and SOC 2 and FedRAMP and a dozen other lenses. The frameworks are not the bottleneck.
The bottleneck is that every framework has to be operationalized by a small number of humans who know the org well enough to know what “implemented” actually means in that environment. Twenty years ago a competent CISO had to have walked the floor, sat with the SOC, fought the audit, run the IR drill, and personally written half the policy stack. Otherwise the framework was a binder.
There weren’t enough of those people. There still aren’t. There never will be at the pace this profession is being asked to grow.
What AI does is take the work that used to require the senior engineer’s pattern recognition and lets the junior do a decent first pass at it. Not all of it. Not at the quality of a 25-year operator. But ninety percent of the first pass, in five percent of the time. The senior is now free to do the work only the senior can do, which is the judgment call about which of the ninety-percent passes is wrong in a way that matters.
That is the asymmetric advantage. That is what Andreessen means when he says intelligence is in an “upward spiral.”
He overshoots when he writes:
“We believe any deceleration of AI will cost lives. Deaths that were preventable by the AI that was prevented from existing is a form of murder.”
That’s the kind of line you write when you’re trying to win a fight on Twitter. It’s not how I’d argue the point. We’ll get to the deceleration question in Part 2. For now the smaller, more defensible version of the claim is enough: if you are not figuring out how to wield AI as a defender in 2026, the attackers are already wielding it against you. The cost of standing still is real, and that cost compounds.
What’s actually working today, with concrete examples
I’m going to be specific here because abstraction is how AI conversations turn into mush. Below are five places where I can point at the work, name the outcome, and show what changed.
1. SOC alert triage, fully changed
The SOC analyst job in 2018 was triaging a queue of mostly false positives generated by a tool that didn’t understand the environment. Junior analysts burned out in eighteen months. The good ones got promoted to threat hunting or detection engineering. The bad ones stayed and the queue got longer.
In 2026 the senior MDR shops are running models that read the full context of the alert (user, asset, recent activity, prior baseline) and write a draft disposition. Likely false positive because this user accesses this share every Tuesday and the volume is within historical norms. Likely true positive because the asset has never made an outbound connection to this domain and the parent process is a known LOLBin.
The analyst’s job changed. It’s now a Yes / No call on the model’s draft, with the option to override and write a different disposition that retrains the model for that environment. The analyst handles ten times the volume with the same cognitive load, and the false-positive learning curve gets baked back into the system instead of leaving when the analyst quits.
That’s not science fiction. That’s a Tuesday in 2026.
2. AI in OT change management
Clark Liu said something in our conversation that I think will end up being the canonical framing for AI in OT. The first win in OT isn’t autonomous control. It’s change management and documentation.
Every controls engineer who has ever closed a break-fix on a production line has been handed a clipboard, a digital twin that hasn’t been updated since 2017, and forty-five minutes to update the diagram before the next shift hands off. Nobody has the forty-five minutes. The diagram doesn’t get updated. The next year, the as-built drifts another six inches from the physical reality, and the next year another, and by the time it matters (audit, incident, M&A), the as-built is fiction.
The first AI win in OT is the workflow that does that documentation as the work happens. The technician closes the ticket, the model reads the ticket plus the new sensor data plus the prior version of the as-built, and it updates the diagram, adds the node, generates the change-control entry, and writes the maintenance log. The technician reviews it in two minutes instead of writing it in forty-five.
That is the single highest-leverage AI workflow in operational technology right now. It is also the most boring. Nobody is putting it in a keynote deck. It is going to save more downtime, prevent more incidents, and make more audits clean than any clever automation you can name.
3. The asset visibility renaissance
Peter Schawacker said the line of the year on our podcast: “We’ve got 40 years of technical debt that we couldn’t see, or couldn’t afford to see. And the cost of vulnerability discovery is going to zero.”
That second clause is the entire game. Vulnerability discovery is a function of three inputs. Asset inventory. Configuration state. Threat intelligence. All three used to cost real money to maintain, and all three decayed the moment your last person touched them.
AI doesn’t make vulnerabilities go away. It makes the cost of knowing about them collapse. The same agent that walks your environment for the first time, mapping every running service, every open port, every unpatched binary, every misconfigured certificate, will do it again next Tuesday, and the Tuesday after, and the cost of that loop drops to compute instead of headcount.
The implication is that inventory is the number one board topic again, and it has been for the last twelve months. CISOs who couldn’t get a budget item for asset management in 2022 are now getting questions from the audit committee about whether they actually know what’s running. The questions are getting sharper because the directors have been reading the same vendor decks. They want a number. They want to know the size of the gap between the inventory and the reality, and they want to know it on a quarterly cadence.
AI makes that question answerable. That is a bigger structural change in cybersecurity than any single product or framework. It is the move from we know what we documented to we know what is running, and those have never been the same thing.
4. The career ladder gets shorter
Peter Schawacker also built ARAMIS Insight, which is an AI-powered competency platform measured against the NIST NICE framework. The reason it exists is that the cert-first career ladder in cybersecurity has been a polite lie for at least a decade.
The CISSP was supposed to mean you had the breadth to lead a security program. Twenty years ago it kind of did. Today it means you can memorize. The people who can actually defend a network in 2026 are the people who have built one, broken one, and rebuilt it under pressure. The cert tells you almost nothing about the second part.
What changed with AI is that the practical knowledge can now be acquired faster than the cert pipeline can keep up. A motivated junior who spends ninety days in the terminal with a sharp model, building tooling, automating triage, writing playbooks, reading the actual telemetry, is going to be more useful in a SOC than the analyst who spent two years studying for the exams. That’s not an indictment of the certs. It’s an acknowledgment that the world the certs were written for moves slower than the world we’re operating in.
Peter calls the people doing this the “vibe builders” and runs a user group for them. Modeled on the old Linux User Group tradition, which I love because it’s the right cultural antecedent. The early Linux community was self-organized, opinionated, and ran circles around the credentialed enterprise IT crowd for about a decade before the enterprise IT crowd figured out how to hire them. The same pattern is happening now with AI, and the cyber pros who are in the room early are the ones who are going to be unrecognizable in three years compared to where they are today.
The implication for hiring managers is uncomfortable. The CV-driven hiring process most of us run is going to systematically underweight the people you want to hire most. The defenders who are going to matter in 2029 are not going to have the credential stack the HR filter is screening for in 2026. You either fix the filter or you watch them go to a competitor.
5. Compliance, finally automated
There’s an old joke that compliance is the friction you bolt onto operations to slow down innovation enough for the auditors to keep up. The joke landed because it was true. Audit prep in a serious enterprise eats up a quarter of every quarter. Evidence collection, control mapping, gap analysis, remediation tracking, sample testing, audit response. All of it is high-context, low-skill work. The senior engineer is doing it because the controls map to systems only the senior engineer understands. The work is necessary and miserable.
What’s quietly happening in 2026 is that compliance evidence is becoming the byproduct of the work instead of a separate workflow. The same AI that watches the SOC alerts is generating the SOC 2 control-evidence packet on the side. The same AI that catalogs the asset is mapping it to the NIST CSF 2.0 subcategory and tagging the gap. The auditor still does the work of the auditor. But the prep that used to take three months takes three weeks, and the engineer is spending those eight saved weeks doing actual engineering instead of pulling screenshots for the audit binder.
Ken Foster has been quietly building this practice into a business case. He closed a five million dollar deal at MacStadium on the back of ISO 27001 certification. The certification was the artifact. The work that earned it was a security program that turned its evidence generation into a sales accelerator. That’s the next decade of GRC. Compliance as growth, not compliance as overhead.
What this means for OT specifically
The OT side deserves its own section because the conversation in the IT security world about AI is almost entirely happening at a different altitude than the conversation in the OT control room.
Three things matter for OT.
One: predictive maintenance gets real. Every OT vendor has had a “predictive maintenance” slide in their pitch deck for fifteen years. What’s actually shipping in 2026 are models that can ingest the historian, the maintenance log, the ambient temperature, the operator notes, and the supplier’s failure data, and tell you the bearing on Line 4 is going to fail in 72 to 96 hours with 84 percent confidence. The plant manager who used to make that call from twenty years of pattern recognition can now make it from data, and the call is better than the operator’s gut on the median day.
Two: the safety-engineer / cyber-engineer translation problem starts to dissolve. Cyber people and process-safety people have been talking past each other since SCADA was a green-screen terminal. The AI that reads the cyber alert and reads the safety case and writes the translation in language both teams understand is going to fix more cross-team misalignment than any number of joint tabletop exercises. I’ve watched this play out in two engagements already this year, and it is the most underrated change happening in OT cybersecurity.
Three: design-in security finally has a forcing function. Clark Liu’s whole framing on the show was bring cyber in at the design phase, not as a bolt-on later. That has been the right answer for thirty years. The reason it hasn’t happened is that the cyber team isn’t in the room when the design happens. The controls engineer is drawing the line, the process engineer is specifying the PLCs, the safety engineer is doing the HAZOP, and the cyber person is reading about it three months later in a memo.
AI is in the room before all of them now. The CAD package, the simulation platform, the design-of-experiments tool, all of them have AI surfaces. The cyber team that writes a model-readable security policy can have that policy enforce itself on the design as it gets drawn. The AI flags a network segment with no inherent authentication, suggests the protocol upgrade, calls out the safety implication. The cyber person doesn’t have to be in the meeting because the cyber knowledge is in the tool.
That is a real change. It is going to be uneven. Some plants will adopt it in 2026, some in 2032. The plants that adopt it early are going to have a security baseline ten years ahead of the plants that don’t.
The Andreessen frame, applied honestly
Back to the manifesto for a minute. Andreessen writes:
“We believe Augmented Intelligence drives marginal productivity which drives wage growth which drives demand which drives the creation of new supply… with no upper bound.”
The “no upper bound” line is the part that’s going to get him in trouble historically, because every productivity revolution has had upper bounds and they’ve usually shown up as social costs. We’ll talk about those in Part 2.
But the smaller version of the claim is right. Augmented intelligence in cybersecurity is unlocking real wage growth for the practitioners who can wield it, real productivity gains for the orgs that deploy it, and real demand for the new categories of work that didn’t exist three years ago (AI governance, model-security engineering, prompt-attack red-teaming, agent-identity management).
The defenders who lean in are getting paid more, doing more interesting work, and having more impact than their peers from five years ago. That is the case for techno-optimism in this field, and it is empirically grounded. I can name fifteen people I’ve worked with whose careers are visibly compounding because they got into AI tooling early.
The defenders who are sitting it out are also compounding. In the wrong direction. The skill gap between the lean-in cohort and the wait-and-see cohort is widening month over month, and the wait-and-see cohort doesn’t seem to feel it yet. They will.
What it costs you to not adopt
The cost of not adopting AI as a defender is not “you fall behind.” That’s the polite version. The honest version is that the threat surface is going to expand to consume the gap.
Here’s the mechanic. The attacker has the same AI tooling you do. Cheaper, in fact, because the attacker doesn’t have to satisfy procurement, doesn’t have to write a usage policy, doesn’t have to do a vendor risk assessment, and doesn’t have to get the CFO to sign the PO. The attacker has a free tier, a stolen credit card, and a Telegram channel where the latest jailbreak got posted at 3am. The attacker has been at this since 2023.
The defender who hasn’t started running models against their own environment in 2026 is in the same position the defender who hadn’t started running EDR was in around 2019. The signal of the gap is going to be a breach. The breach is going to be unpleasant. The board is going to want to know why the model that flagged the same TTP at three peer companies last quarter wasn’t running here.
Peter Schawacker’s framing of this on the show was exactly right. If GRC embraces AI, cyber experiences a renaissance. If GRC doesn’t, the industry replays the cloud computing debacle. The cloud debacle was the decade we spent treating cloud as somebody else’s data center, refusing to learn the actual primitives, and then waking up to discover that the entire stack had moved and we had to relearn the job in eighteen months under pressure. AI is the same pattern with a tighter clock.
You don’t have to be early. You have to be in.
The wins are concrete and they’re already shipped
I want to close Part 1 with a short list of wins I can point at in actual environments. Not vendor decks. Real work.
A regional utility I worked with cut their average detection-to-response time from 47 minutes to 11 minutes by inserting an AI triage layer in front of their existing SIEM. Same SIEM. Same SOC. Same headcount. The model read every alert, wrote a draft disposition, and routed the high-confidence true positives to the senior analyst’s queue while the false positives went to a self-service explanation interface for the asset owner. The 11 minutes is now the floor, not the average.
A mid-market manufacturer mapped their entire OT environment for the first time in fifteen years using an agent that walked the network with the safety controls of an authenticated read-only scan. They found 4,400 assets. Their CMMS said 2,800. The 1,600 they didn’t know about included three PLCs running 1998 firmware on a flat network reachable from their corporate VPN. They had been audited eight times in those fifteen years. Nobody found it because nobody had the tooling to find it in a week of work. The agent found it in nine hours.
A CISO I advise turned her board reporting from a quarterly slide deck into a continuous dashboard with AI-generated executive summaries. Time spent on board prep dropped from three weeks per quarter to half a day. Time spent answering board questions in between meetings dropped to near zero because the dashboard answered most of them before they got asked. She got promoted to head of risk for the enterprise. The previous head of risk’s job description hadn’t required a security background. Hers does.
A pen tester I trained with built an internal tool that reads the test report, identifies the remediation pattern, and generates the customer-specific playbook for fixing it. What used to take 12 hours of post-engagement writing now takes 90 minutes of review. He’s running twice as many engagements with the same crew. Quality is up because the analysts are spending the saved time on the actual hard finding.
An OT engineer at a chemical facility is using a vibe-coded notebook (in Peter Schawacker’s language) to query the historian in natural language during shift turnover. Show me every alarm on Unit 3 in the last 24 hours that wasn’t acknowledged within five minutes. The query that used to require a sit-down with the controls engineer and a custom report now happens in the time it takes to ask the question.
None of these are exotic. None of them required a moonshot budget. All of them were live and shipping within twelve weeks of the team deciding to try.
That is the techno-optimist case. Specific work, real outcomes, available now.
What to take into Part 2
The case I made in this piece is true. The same case turned ninety degrees is the case in Part 2, and it is also true.
Same technology. Same force multiplier. Same exponential curve. Used by the people who are coming for our systems, our money, our democracy, and (in a few specific scenarios) our lives.
The defender’s renaissance is real. The adversary’s renaissance is the same renaissance.
Part 2: The Price is the honest accounting of what it costs us if we adopt AI without thinking through what we’re adopting. Not Terminator. Not extinction. Real impacts to war, to business, to jobs, to the institutional knowledge of an entire profession, and to the trust infrastructure of the society we’re operating in.
Read both. Decide what you’re going to do about it. Don’t sit it out.
Aaron Crow is the host of PrOTect IT All, a podcast on cybersecurity, OT, and the people doing the work. Recent episodes referenced in this piece: EP107 with Peter Schawacker, EP106 with Clark Liu, EP105 with Ken Foster. Connect on LinkedIn.