ARTIFICIAL INTELLIGENCE IN CYBERSECURITY OF CRITICAL INFRASTRUCTURE: APPROACHES, ASSESSMENT OF THE STATE AND DEVELOPMENT PROSPECTS

Abstract

The article presents a detailed analysis of modern approaches, an assessment of the current state and prospects for the
development of artificial intelligence (AI technologies, AI systems and AI tools) in ensuring the cybersecurity of critical
infrastructure both at the industry/sectoral levels and at the level of individual facilities. It is emphasized that in the conditions
of rapid growth of digital dependence and the spread of hybrid threats, the issue of protecting critical infrastructure (energy,
telecommunications, transport, medical sectors, water supply, etc.) is gaining strategic importance for ensuring national security,
state stability and the stability of social processes. The application of AI (AI technologies, AI systems and AI tools) in the field
of cybersecurity of critical infrastructure demonstrates a transformative impact on the processes of detecting, identifying and
neutralizing cyber threats. It was noted that AI (AI technologies, AI systems and AI tools) provides a significant increase in the
speed of processing large amounts of data, allows you to accurately identify anomalous actions in networks, predict behavioral
patterns of attackers and provide automated response to incidents. At the same time, it was emphasized that the complexity of
protecting critical infrastructure is due to the integration of IT systems with industrial control systems and operational
technologies, which require specific methods of monitoring, control and management. The close intertwining of
telecommunication networks with networks of production processes and management processes complicates protection and creates the need for specialized AI tools. It was noted that key approaches to the application of AI in cybersecurity - in particular,
machine learning for early detection of anomalies, automated SOAR technologies for incident response, as well as SCADA/ICS
vulnerability assessment methods - are already successfully used in practice and prove their effectiveness in conditions of real
threats. Special attention is paid to assessing the state of security using AI, which allows not only to promptly respond to active
attacks, but also to predict possible paths of their evolution, ensuring proactive protection. Promising directions for the
development of the AI market in the field of cyber defense of critical infrastructure are considered. Among them, the expansion
of the use of autonomous cyber-immune systems focused on creating self-learning and self-managed security environments is
highlighted; further market segmentation and development of specialized AI for individual sectors of critical infrastructure;
integration of AI into complex corporate security ecosystems. A number of recommendations are proposed aimed at increasing
the efficiency and resilience of the critical infrastructure cybersecurity system. Key recommendations include: active
implementation of hybrid systems "AI + human control" to ensure the optimal combination of automation and expert assessment;
regular updating and adaptation of AI models to new types of threats; investing in the development of human capital through
training and advanced training of specialists in the field of AI and cybersecurity; harmonizing national approaches with
international standards (in particular, NIST CSF and ISO/IEC 27001); forming state programs for integrating AI into the critical
infrastructure protection system; actively expanding international cooperation focused on exchanging information about cyber
threats and best practices in the use of AI. It is emphasized that effective inter-sectoral, inter-sectoral and interstate interaction
of expert communities is a key condition for building a modern, adaptive and sustainable system of cyber protection of critical
infrastructure, capable of withstanding the growing challenges of the digital age.
Keywords: cybersecurity, critical infrastructure, cyber-physical systems, artificial intelligence, machine learning, threat
detection, response automation.

References
1. Держспецзв’язку презентували інструмент оцінки кібербезпеки для українських організацій. 2024.
https://ain.ua/2024/09/30/instrument-ocinki-kiberbezpeki/.
2. Держспецзв’язку провела презентацію інструменту оцінки кібербезпеки CSET (Cybersecurity Evaluation
Tool) та провела практичне заняття з його використання. 2024. https://delo.ua/telecom/derzspeczvyazkuprezentuvala-novii-instrument-ocinki-kiberbezpeki-436947/.
3. Зоря І.С., Марущак А. В. застосування штучного інтелекту для виявлення та реагування на
кіберзагрози. 2024. http://ir.lib.vntu.edu.ua/bitstream/handle/123456789/42057/20610.pdf?sequence=3&isAllowed=y .
4. Інструмент оцінки кібербезпеки (CSET). https://www.cisa.gov/resources-tools/services/cyber-securityevaluation-tool-cset.
5. Інструмент оцінки кібербезпеки CSET. https://csirt.csi.cip.gov.ua/uk/pages/cset .
6. Мануілов Я.С. Забезпечення кібербезпеки об’єктів критичної інфраструктури в умовах кібервійни.
Інформація і право. № 1(44)/2023. С.154-163.
7. Нормативно-правова база у сфері захисту об'єктів критичної інфраструктури України.
https://csirt.csi.cip.gov.ua/uk/pages/cio.
8. Подвійні переваги штучного інтелекту в кібербезпеці: висновки зі звіту Benchmark Survey за 2024 рік.
2024. https://hyperproof.io/resource/ai-in-cybersecurity-2024-benchmark-report/.
9. Про затвердження Положення про організаційно-технічну модель кіберзахисту : постанова Кабінету
Міністрів України від 29.12.2021 № 1426. https://zakon.rada.gov.ua/laws/show/1426-2021-%D0%BF#Text.
10. Про критичну інфраструктуру : закон України від 16.11.2021 № 1882-ІХ. Відомості Верховної Ради
(ВВР), 2023, № 5, ст.13. https://zakon.rada.gov.ua/laws/show/1882-20#Text.
11. Пуаро К. Огляд тенденцій кібер-штучного інтелекту: підготовка до 2025 року. 2024.
https://www.infosecurity-magazine.com/news-features/cyber-ai-trends-review-preparing/.
12. Федорченко О.С. Роль штучного інтелекту у забезпеченні кібербезпеки України: сучасний стан та
перспективи розвитку. Інформація і право. № 3(54)/2025. С.139-146. DOI: https://doi.org/10.37750/2616-
6798.2025.3(54).340521. http://il.ippi.org.ua/article/view/340521 .
13. Як AI захищає критичну інфраструктуру України: все про кібербезпеку OT/ICS. 2025. https://neoversity.com.ua
/blog/yak-ai-zahishchaie-kritichnu-infrastrukturu-ukrayini-vse-pro-kiberbezpeku-ot-ics.
14. AIxCC: AI Cyber Challenge / Defense Advanced Research Projects Agency. Arlington, VA : DARPA, 2024.
https://www.darpa.mil/research/programs/ai-cyber .
15. Artificial Intelligence and Cybersecurity / European Union Agency for Cybersecurity. Athens : ENISA, 2024.
62p. https://www.enisa.europa.eu/publications/artificial-intelligence-and-cybersecurity .
16. Artificial Intelligence: DHS Needs to Improve Risk Assessment Guidance for Critical Infrastructure Sectors /
U.S. Government Accountability Office. Washington, DC : GAO, 2024. 42p. (GAO-25-107435). https://www.gao.gov/
assets/gao-25-107435.pdf .
17. Assess the current state of the cybersecurity program and identify capability gaps. (Оцінити поточний стан
програми кібербезпеки та виявити прогалини в можливостях) 2024. https://www.gartner.com/en/ cybersecurity/
topics/cybersecurity-roadmap.
18. CISA's 2024 Year in Review / Cybersecurity and Infrastructure Security Agency. Washington, DC : CISA,
2024. 80p. https://www.cisa.gov/sites/default/files/2024-12/CSAC%20Annual%20Report_20241210.pdf .
19. Crichton, K. Securing Critical Infrastructure in the Age of AI / K. Crichton, J. Baker, A. Luedtke // Center for
Security and Emerging Technology. Washington, DC : CSET, 2024. 58p. https://cset.georgetown.edu/wpcontent/uploads/CSET-Securing-Critical-Infrastructure-in-the-Age-of-AI.pdf.
20. Cyber AI Trends Review: Preparing for 2025 / Infosecurity Magazine. London : Infosecurity Magazine, 2025.
https://www.infosecurity-magazine.com/news-features/cyber-ai-trends-review-preparing/.
21. DHS Artificial Intelligence Roadmap / Department of Homeland Security. Washington, DC : DHS, 2024. 36p.
https://www.dhs.gov/sites/default/files/2024-03/24_0315_ocio_roadmap_artificialintelligence-ciov3-signed-508.pdf .
22. DHS Highlights AI as a Threat and Asset to Critical Infrastructure in New Priority Guidance / Nextgov/FCW.
Washington, DC : Nextgov/FCW, 2024. https://www.nextgov.com/cybersecurity/2024/06/dhs-highlights-ai-threat-andasset-critical-infrastructure-new-priority-guidance/397524/ .
23. Emerging Threats to Critical Infrastructure: AI Driven Cybersecurity Trends for 2025 / Capitol Technology
University. Laurel, MD : Capitol Technology University, 2024. https://www.captechu.edu/blog/ai-driven-cybersecuritytrends-2025 .
24. Gartner states that in the GenAI era, the future of cybersecurity lies in prevention rather than detection and
response. 2025. https: // www.gartner.com/en/newsroom / press-releases / 2025-09-18-gartner-says-that-in-the-age-ofgenai-preemptive-capabilities-not-detection-and-response-are-the-future-of-cybersecurity.
25. Idaho National Laboratory. Cyber Security Evaluation Tool (CSET) User Guide. https://inl.gov/wpcontent/uploads/2020/06/CSET-User-Guide.pdf.
26. Safety and Security Guidelines for Critical Infrastructure Sector Owners and Operators / Department of
Homeland Security. Washington, DC : DHS, 2024. 24p. https://www.dhs.gov/sites/default/files/2024-04/24_0426_
dhs_ai-ci-safety-security-guidelines-508c.pdf .
27. The Cybersecurity Provider's Next Opportunity: Making AI Safer / McKinsey & Company. New York :
McKinsey & Company, 2024. https: // www.mckinsey.com / capabilities / risk-and-resilience/our-insights/thecybersecurity-providers-next-opportunity-making-ai-safer .
28. The Dual Edges of AI in Cybersecurity: Insights from the 2024 Benchmark Survey Report / Hyperproof.
Seattle, WA : Hyperproof, 2024. https://hyperproof.io/resource/ai-in-cybersecurity-2024-benchmark-report/ .
29. What is Operational Technology (OT) Cyber Security?. https://www.axians.co.uk/glossary/what-isoperational-technology-security/#:~:text=Operational%20Technology%20(OT)%20security%2C,vulnerabilities%
20from%202017%20to%20