Crystal Ball 2026: AI copilots will recommend—and sometimes enforce—cybersecurity policies

75% of organizations moderately or extensively use AI and 39% are adopting internal copilots. The next step is plugging copilots into an MCP server that would function as a centralized cybersecurity policy control plane.
Dec. 29, 2025

What you'll learn:

  • AI may play no more important role than as both a weapon in and a defense against cyberattacks.
  • With 75% of organizations already in moderate or extensive AI use and 39% adopting internal copilots, the next step is plugging those copilots into an MCP server.
  • Manufacturers that cannot show how form data is classified, protected, logged, and retained will see audits drag on and high-value contracts shift to competitors who can.

A note from Head of Content Scott Achelpohl:

Welcome to the Crystal Ball Report for 2026, which is appearing in this web space into January as a series of contributed pieces from esteemed experts in manufacturing technology.

We've invited these thought leaders to look into their "crystal balls" and tell us what's ahead (with an emphasis on data, AI, and cybersecurity). So, please enjoy the series and, from all of us at Smart Industry, have a prosperous and profitable new year.


What we’re learning about AI in manufacturing is that the technology can be, and has been, plugged into all sorts of roles, even becoming a substitute industrial workforce that can take over high-volume and repetitive tasks such as field dispatch, supplier coordination, customer order management, and inventory replenishment.

But AI may play no more important role than as both a weapon in and a defense against cyberattacks. As an example, there’s little doubt that AI copilots will recommend—and sometimes enforce—cybersecurity policies. How?

With 75% of organizations already in moderate or extensive AI use and 39% adopting internal copilots, the next step is wiring those copilots into an MCP server. In English, that’s an adapter that lets AI models securely connect to and use external data, tools (like APIs, databases, files), and services (like GitHub, Slack, AWS) by translating natural language requests into specific actions.

For manufacturing supply chains that span the U.S., Europe, and the Middle East—regions that together account for well over 60% of the survey base—this will turn data sovereignty into a commercial requirement, not just a legal concern.

Compliance frameworks will pull form modernization forward

Regimes like GDPR, sector regulations (HIPAA, PCI, FedRAMP, CMMC), and the EU AI Act—each cited by roughly 31% to 46% of organizations as 2026 priorities—will stop treating “web portals” as a vague category and instead focus on specific data collection points.

Boards are already paying close attention to AI governance (46%), data privacy (43%), and regulatory compliance status (40%), which means form-based data exchanges sitting at the edge of manufacturing operations will land directly in the spotlight.

Manufacturers that cannot show how form data is classified, protected, logged, and retained will see audits drag on and high-value contracts shift to competitors who can.

Third-party and software supply chain failures move to the center of data-exchange risk

With 46% of respondents citing end-to-end visibility gaps and 36% citing lack of visibility into partners’ AI data handling as top third-party risks, organizations are already signaling that their biggest blind spots sit in supplier and partner data exchanges.

At the same time, classic software supply chain issues—third-party/OSS dependency compromise (34%), vendor cloud multi-tenant breaches (31%), and compromised update/signing (29%)—dominate the top software supply chain concerns.

Because advanced resilience controls like incident response for supply chain events (21%) and joint playbooks/tabletops (less than 13%) lag far behind, the next wave of high-impact incidents is likely to come from a convergence of third-party data-exchange failures and software supply chain weaknesses across forms, files, APIs, and AI systems.

Zero trust will extend from networks to forms and files

Zero trust in manufacturing in 2026 will move beyond VPNs, firewalls, and user policies to apply at the level of each form submission and file exchange. We already see 48% using least-privilege and time-bound credentials for AI agents, 48% using allow-listed tools and actions, and 46% applying data minimization—patterns that naturally extend to form- and file-based data exchanges.

Over the next cycle, manufacturers will apply the same discipline to external supplier and customer workflows, so a single risky portal or form cannot undermine an otherwise mature zero trust program.

Form data overtakes file shares as top IP risk

As more quality, warranty, engineering change, and service workflows move into web and data forms, manufacturing will see sensitive IP increasingly exposed through structured submissions rather than shared files.

While 64% of organizations already secure web and data forms today and another 26% plan to by 2026, only 25% rank forms as a top data exchange risk—showing that many still underestimate how much sensitive information flows through them.

In manufacturing, where portals and forms are central to supplier and customer interactions, that blind spot will give attackers a head start.

Secure data forms become a monetized managed service

As third-party data exchange risk rises—46% cite end-to-end visibility gaps and 36% cite lack of visibility into partners’ AI data handling—manufacturers will look to MSPs and MSSPs to standardize protection across supplier and customer forms.

Secure private data exchange is already implemented by 48% of organizations, and data classification and policy enforcement by 42%, but more advanced capabilities like immutable evidence packs, DLP and egress controls, kill switches, and joint playbooks all sit well under 25%.

That gap creates a clear revenue opportunity. MSPs and MSSPs that can wrap manufacturing ecosystems with secure data forms, unified evidence, and AI-aware monitoring will sell this as a recurring, outcome-based service rather than a one-off project.

AI will expose legacy OT/IT integration as a security liability

As manufacturers adopt AI for data extraction, enrichment, and workflow automation, weak, ad hoc links between OT systems, ERP, and web portals will become obvious security liabilities.

AI needs clean, well-governed data paths, and today only 39% of organizations claim to have a centralized AI data gateway to control how sensitive data flows into models and agents.

The friction between legacy integrations and AI governance will force manufacturers to front-end old systems with secure data gateways or risk AI simply amplifying existing weaknesses.

Supplier portals become prime targets for AI-driven attacks

Attackers will increasingly use AI to probe and exploit supplier, warranty, and RMA portals that sit on aging manufacturing platforms, because that’s where operational and design data meet.

Manufacturing already shows the highest concern for end-to-end visibility gaps of any industry at 67%, and 44% say lack of real-time breach notification is a top third-party risk—both signs that they know their ecosystems are hard to monitor.

As AI-powered probing and exploitation scale, these blind spots in supplier-facing data exchanges will translate directly into more frequent and harder-to-detect compromises.

Editor's note: The Crystal Ball Series will continue on Tuesday, Dec. 30.

About the Author

Frank Balonis

Frank Balonis is chief information security officer and senior VP of operations at Kiteworks, with more than 20 years of experience in IT support and services.

Since joining Kiteworks in 2003, Balonis has overseen technical support, customer success, corporate IT, security, and compliance, collaborating with product and engineering teams. He holds a Certified Information Systems Security Professional (CISSP) certification and served in the U.S. Navy.
