Cybersecurity Policy for Addressing Cyber Threats Arising from the Rapid Advancement of AI
We hereby disclose the following cybersecurity policy for addressing cyber threats arising from the rapid advancement of AI.
1. Summary
When advanced AI is misused for cyberattacks, the cyber threat landscape changes in three major ways:
(1) reduced attack execution time,
(2) increased attack volume, and
(3) increased sophistication of attack techniques
In response to these changes, Yokogawa strictly implements fundamental cybersecurity principles and leverages AI for defensive purposes to close the gaps in time, volume, and sophistication between attackers and defenders.
2. Changes in Cyber Threats Driven by Rapid Advancements in AI
As AI continues to evolve and is misused for cyberattacks, it becomes a powerful enabler of AI-powered cyberattacks. This results in the following changes in cyber threats:
- Time: Reduction in Attack Execution Time
AI significantly accelerates the entire attack lifecycle, including vulnerability discovery, proof-of-concept (PoC) development, exploit and malware creation, attack execution, and evaluation/improvement. This widens the gap between attacker execution speed and defender response time, thereby increasing the risk of threats such as zero-day attacks.
- Volume: Increase in Attack Frequency due to Lower Barriers and Costs
Advanced technical expertise is no longer required to conduct cyberattacks, lowering the barrier to entry for attackers. Additionally, automation of the attack lifecycle using AI reduces attack costs, potentially resulting in a substantial increase in attack volume.
- Sophistication: Advancement of Attack Techniques
AI can identify vulnerabilities that humans have been unable to discover for years. Consequently, there is a growing likelihood of highly sophisticated attacks that exceed human capabilities.
3. Yokogawa’s Cybersecurity Policy
Even if attackers leverage AI to accelerate attacks, the fundamental nature of cyberattacks—exploitation of vulnerabilities—remains unchanged.
Therefore, Yokogawa’s basic policy is to strictly implement foundational cybersecurity principles such as IEC 62443, while also leveraging AI in defensive capabilities to reduce the gap in time, volume, and sophistication between attackers and defenders.
The most critical principle is Defense-in-Depth, which ensures that if one control is breached, subsequent layers of control prevent further compromise.
Based on this principle, Yokogawa combines multiple controls across operational, system, and product perspectives and addresses evolving cyber threats by leveraging AI as a powerful enabler of AI-powered cyber defenses.
3.1. Operational and System-Level Controls
Under the concept of the “Security Program,” Yokogawa provides comprehensive operational and system-level cybersecurity measures.
Security Program | Yokogawa Electric Corporation
Key measures include:
- Risk Assessment
Assess risks considering AI-driven reductions in attack time, increases in attack volume, and enhanced sophistication, and consider the implementation of controls to reduce and maintain risks at an acceptable level.
- Review of Policies and Procedures
As the probability of successful attacks may increase due to AI misuse, it is increasingly important to implement and continuously improve controls across the cybersecurity lifecycle: Identify, Protect, Detect, Respond, and Recover.
- Awareness and Training
Social engineering attacks, including AI-generated phishing emails, are becoming more sophisticated. Continuous security awareness and training are essential to prevent human factors from becoming the weakest link.
- Implementation of Technical Controls
High-priority technical controls include:
►Whitelisting-Based Controls
A core control in OT environments where availability is critical and rapid patch deployment is difficult. Only authorized communications and processes are permitted, and all others are denied. Examples include Application Whitelisting, Firewalls, and IP/MAC Address Filtering.
►Network Security Controls
Unidirectional gateways effectively block inbound communication from external networks. Network segmentation prevents lateral movement even if an initial compromise occurs. Additional measures include closing unnecessary network ports, restricting remote access, and eliminating direct internet connectivity.
►Continuous Monitoring
Continuous monitoring of network traffic and logs enables rapid detection of security incidents.
►Backup
Assuming potential compromise, backup strategies are implemented to ensure system recovery in the event of an incident.
- Managed Service
►SOC(Security Operation Center)
Implement SOC capabilities to enable real-time monitoring, detection, analysis, and response to cyber threats.
Yokogawa’s IT/OT SOC services leverage AI for: (1) Threat detection, (2) Threat prediction, (3) Alert prioritization, (4) Insider threat detection, (5) Automation of incident response processes.
►Security Verifications
Periodically verify that existing controls—such as access control, authentication, patch management, firmware updates, and asset management—are functioning effectively.
3.2. Product-Level Controls
From a product security perspective, there are two key approaches:
(1) Preventing vulnerabilities from being introduced, and
(2) Responding effectively when vulnerabilities are identified.
3.2.1. Preventing Vulnerabilities (Secure Development)
For system products such as CENTUM, Yokogawa incorporates a secure development lifecycle based on IEC 62443-4-1 (SDLA-certified).
This includes:
- Secure by Design: Embedding security into products from the planning and design phases
- Secure by Default: Applying hardening configurations as a default
Yokogawa is also exploring the use of AI within the development lifecycle, including:
- AI-assisted secure coding to prevent vulnerabilities
- AI-based source code analysis to identify vulnerabilities
- AI-driven penetration testing (e.g., automated execution of attack scenarios)
- AI-enabled optimization and automation of fuzzing and robustness testing
3.2.2. Vulnerability Handling
Yokogawa operates a group-wide vulnerability handling framework.
The Yokogawa Group Vulnerability Handling Policy | Yokogawa Electric Corporation
Within this framework, Yokogawa is exploring ways to reduce vulnerability response time by leveraging AI for activities such as security update preparation and deployment.
4. AI Governance
Yokogawa has established an AI policy and is committed to delivering value to customers through the use of AI. In particular, for the use of AI, Yokogawa has established organizational governance functions to ensure safety and reliability. These functions continuously identify, assess, and manage risks associated with the AI utilization.
AI Policy | Yokogawa Electric Corporation
5. Conclusion
To address cyber threats arising from the rapid advancement of AI, Yokogawa is committed to the following:
- Strict Implementation of Fundamental Cybersecurity Principles
Continuously strengthen Defense-in-Depth based on standards such as IEC 62443.
- Closing the Gap with Attackers by Leveraging AI
Integrate AI into product development, vulnerability handling, and cybersecurity management to reduce the gap in time, volume, and sophistication relative to attackers.
- AI Governance
Ensure secure and reliable utilization of AI.
Yokogawa upholds the following fundamental principle regarding security for products and services:
The Yokogawa Group shall work together with our customers, responding to cyber threats towards customers' assets, to ensure that our customers are able to safely continue their business activities with peace of mind.
Based on this principle, Yokogawa will continue to work with customers to address evolving cyber threats driven by rapid AI advancements through the strict implementation of fundamental cybersecurity principles and leveraging AI as an effective defensive capability.
Revision History
July 3, 2026: Established
Looking for more information on our people, technology and solutions?
Contact Us