Webinar Description
Key Takeaways
- Examines how frontier AI models such as Mythos and GPT-5.5-Cyber are transforming vulnerability discovery in OT and IoT environments
- Addresses the widening gap between rapid AI-assisted vulnerability identification and slower organisational patching cycles
- Provides defensive strategies for critical infrastructure assets that cannot be easily stopped, rebooted or patched
- Targets OT/IoT security professionals, CISOs and technical leads responsible for utilities, manufacturing, healthcare and transportation systems
- Introduces an OT-native framework for measuring and reducing exposure windows
Introduction
The emergence of advanced AI models capable of autonomously discovering software vulnerabilities has fundamentally altered the threat landscape for operational technology and industrial IoT environments. Zero-Days at AI Speed: An OT/IoT Defender’s Playbook for the Weaponized AI Era is a virtual webinar hosted by Nozomi Networks that examines how security teams protecting critical infrastructure can adapt their defensive postures to counter this accelerating threat. The session is designed for OT/IoT security professionals grappling with the reality that AI has collapsed both the time and expertise required to identify exploitable flaws, creating asymmetric advantages for attackers who can weaponise vulnerabilities before patches become available.
This topic carries particular urgency as industrial control systems, manufacturing equipment and connected devices increasingly face the same vulnerability discovery techniques that have long challenged enterprise IT, but without the luxury of rapid patching cycles or scheduled downtime windows.
About This Event
Structured as a practical working session rather than a conventional product presentation, this webinar is led by Nozomi Networks’ Chief Marketing Officer and Security Research Technical Lead. The format emphasises actionable guidance that attendees can apply directly to their security operations, moving beyond theoretical discussion into concrete defensive measures.
The session targets a technically sophisticated audience including security operations teams, CISOs, security managers and technical leads. Original equipment manufacturers serving industrial sectors will find the content relevant, as will organisations managing critical infrastructure across utilities, manufacturing, healthcare and transportation. Both senior technical practitioners and executive-level stakeholders are addressed, reflecting the cross-functional nature of OT security decision-making.
AI-Driven Vulnerability Discovery and the Changing Threat Calculus
Central to the webinar’s thesis is the impact of frontier AI models on vulnerability research. Systems such as Mythos and GPT-5.5-Cyber represent a new generation of AI capabilities that can systematically analyse code, firmware and protocols to identify security weaknesses at speeds and scales previously impossible. What once required highly specialised human expertise and substantial time investment can now be accomplished through AI-assisted analysis, democratising vulnerability discovery in ways that benefit both defenders and adversaries.
For security teams, this acceleration offers the potential to identify and remediate flaws more quickly. However, the same capabilities in adversarial hands mean that attackers can discover and weaponise vulnerabilities before organisations have completed their assessment and patching processes. This dynamic creates what the session describes as a widening gap between discovery and response, a temporal vulnerability that poses particular challenges for OT environments where patching is neither simple nor always possible.
The Patching Problem in Operational Technology
Unlike enterprise IT systems where patches can often be deployed within days or weeks, operational technology environments face structural constraints that extend vulnerability windows significantly. Industrial control systems frequently run continuously, with downtime measured in substantial financial losses or safety implications. Legacy equipment may lack vendor support or run proprietary systems that cannot accept standard security updates. In some cases, applying patches requires physical access to geographically distributed assets or coordination with operational schedules that cannot be easily adjusted.
These realities mean that traditional vulnerability management approaches, which assume relatively rapid patch deployment, fail to address the operational constraints of industrial environments. The webinar acknowledges this fundamental tension and focuses on defensive strategies appropriate for assets that cannot be easily stopped, rebooted or consistently patched. This pragmatic recognition of OT operational realities distinguishes the session from generic cybersecurity guidance that may not translate effectively to industrial contexts.
Defensive Frameworks for Critical Infrastructure
The session introduces what is described as an OT-native framework for measuring and closing exposure windows. Rather than relying solely on patching velocity as a security metric, this approach acknowledges that exposure management in industrial environments requires compensating controls, enhanced detection capabilities and containment strategies that can limit the impact of vulnerabilities that cannot be immediately remediated.
Practical steps for OT/IoT security teams to detect, contain and mitigate AI-driven threats form a core component of the discussion. This includes guidance on identifying indicators of AI-assisted reconnaissance and exploitation attempts, implementing network segmentation and monitoring strategies appropriate for industrial protocols, and developing response procedures that account for the operational constraints of production environments.
Industry Context and Regulatory Considerations
The convergence of AI capabilities with OT security challenges arrives at a moment when critical infrastructure protection has become a regulatory and national security priority across multiple jurisdictions. Utilities, healthcare systems, transportation networks and manufacturing facilities face increasing scrutiny regarding their cybersecurity postures, with sector-specific requirements emerging alongside broader frameworks.
Organisations in these sectors must balance compliance obligations with operational realities, often working within legacy technology environments that predate current security standards. The industrialisation of vulnerability discovery through AI adds urgency to these challenges, as the volume and velocity of potential threats outpaces traditional risk assessment and remediation cycles.
Who Should Attend
The webinar is designed for professionals with direct responsibility for OT and IoT security within their organisations. Security operations teams working in industrial environments will find the tactical guidance immediately applicable, while CISOs and security managers can use the strategic frameworks to inform programme development and resource allocation decisions. Technical leads responsible for vulnerability management and incident response in critical infrastructure settings represent a core audience segment.
Original equipment manufacturers serving industrial sectors should consider the implications for product security and customer advisory processes. The content is equally relevant for organisations at various stages of OT security maturity, from those establishing foundational capabilities to those refining existing programmes in response to evolving threats.
Conclusion
As AI continues to reshape the vulnerability landscape, OT and IoT security teams face the challenge of defending environments where traditional remediation approaches often prove impractical. This webinar offers a focused examination of how critical infrastructure organisations can adapt their defensive strategies to address AI-accelerated threats while respecting the operational constraints that define industrial environments. The emphasis on practical, actionable guidance rather than theoretical discussion reflects the urgent need for security approaches that work within the realities of production systems that cannot simply be taken offline for updates.

