Cybersecurity threats are evolving rapidly, with attackers leveraging artificial intelligence (AI) to create sophisticated threats, including AI-generated phishing attacks and deepfake-based social engineering. As digital transformation accelerates, companies—particularly small and medium-sized enterprises (SMEs) in the manufacturing and energy sectors—must adopt proactive cybersecurity strategies to safeguard their operations.
To address these challenges, our DOE-sponsored Cybersecurity Center at Oakland University, in collaboration with Automation Alley, SensCy, Grimm, and Fraunhofer, has developed a certificate program designed to enhance cybersecurity expertise. This program focuses on penetration testing, malware reverse engineering, AI-driven cybersecurity and privacy, Protection cyber-physical systems (CPS), IoT, industrial control systems (ICS), and digital twinning. By offering multi-level training with hands-on lab exercises, we aim to equip employees and engineers with the skills needed to defend against modern cyber threats while benefiting the local community and the entire industry.
Key strategies include:
1. Enhance cybersecurity workforce readiness by tailoring training programs for different industry needs.
2. Utilize AI in cybersecurity to counter AI-driven threats like phishing attacks and malware.
3. Develop effective cyber incident response and disclosure strategies that balance transparency with reputation management.
1. Cybersecurity workforce training
Challenges in workforce readiness: For Small and Medium-Sized Enterprises (SMEs), they often face budget constraints, have limited cybersecurity expertise, and don’t have dedicated IT security teams. On the other hand, Large Enterprises require scalable cybersecurity training programs to accommodate global operations, supply chain risks, and regulatory compliance.
Strategies in training: for SMEs, cost-effective and modular training are the best choices. The training focuses on basic cybersecurity practices, such as phishing recognition and provides hands-on labs with real-world cyberattack simulations relevant to Cyber Physical Systems (CPSs), IoT and energy infrastructure. Cloud-based training tools are leveraged to provide remote access to learning materials and simulations. For Large enterprises, a more comprehensive training program is needed to cover foundational awareness to advanced topics like malware reverse engineering, the training should also utilize AI techniques to drive the personalized learning based on the employees’ knowledge background. Such AI techniques include adaptive learning that evaluates individual performance and adjusts the training content dynamically. Also, generative AI methods could be adopted to generate simulated scenarios to help employees identify and respond to emerging threats. Leverage Large Language Models (LLM) to provide on-demand guidance during the simulated security incidents. It is also very importation to build collaboration for continuous learning. SMEs, large manufactures, universities, cybersecurity firms, government agencies should build partnerships to share cybersecurity best practices, and ongoing education and research insights.
2. AI-Driven Cybersecurity in combating evolving phishing and malware threats
Challenges in AI-Generated Cyber Threats: AI has become a double-edged sword in cybersecurity. While it can be leveraged for threat detection and defense, attackers are also using AI to generate highly sophisticated phishing emails, deepfake attacks, and automated malware.
Strategies to Counter AI-Driven Threats: AI gets pervasive in the security infrastructure very quickly. AI-driven email filters can help analyze phishing messages for synthetic text, sender behavior anomalies, and deepfake indicators. Natural language processing (NLP) models can help detect fraudulent emails that traditional filters might miss. AI-based anomaly detection for network traffic can identify irregular activities that could signal a cyberattack. From the training perspective, AI generative model could be deployed to generate phishing simulations which could be used to train employees to recognize and report suspicious emails. Gamified security quantification mechanism and awareness programs driven by AI can create interactive training experiences. Strengthening identity and authentication security involves implementing multi-factor authentication (MFA) and AI-enhanced biometric authentication to reduce the risk of stolen credentials. Developing voice and video verification systems can prevent deepfake-based impersonation attacks.
3. Cyber Incident Response: Balancing Transparency with Reputation Management
Challenges in Cyber Incident Disclosure: when a cyberattack is successfully mounted, there is always a risk on the reputation that if the cyber incidents are disclosed then the trust from the customers would be impacted, the company may receive more regulatory scrutiny besides the financial losses caused by the attacks. Also, if the disclosure is not mature then it may affect the forensic investigations and incident containment efforts. The security teams should be trained to be aware of the regulatory compliances.
Best Practices for Responsible Cyber Incident Disclosure: A cyber incident disclosure framework is recommended that it establishes predefined reporting protocols that categorize incidents by severity and outline disclosure timelines. Depending on if there exists a security team, internal and external communication strategies should be defined for notifying stakeholders, customers, and regulators. It is critical to reinforce the best industry regulations and practices, such as General Data Protection Regulation (GDPR), DHS Cybersecurity and Infrastructure Security Agency (CISA), and NIST guidelines.
Workforce Education on Cyber Crisis Management: Train employees on how to respond to cybersecurity incidents, including when and how to report potential breaches. Conduct tabletop exercises and cyber crisis drills to ensure teams are prepared for real-world cyberattacks. Develop an internal response playbook outlining who is responsible for incident communication and escalation. Again, AI techniques could be leveraged in incident response and public messaging through monitoring public perception following a cyber incident. AI-powering inquiring and providing real-time updates on cyber crisis. Fostering industry collaboration on cyber resilience includes sharing lessons learned from cyber incidents to improve industry-wide resilience. Cross-sector cybersecurity initiatives that promote transparency and shared threat intelligence should be encouraged. Positioning cybersecurity awareness as part of corporate social responsibility (CSR) efforts can enhance public trust.
Conclusion
As cyber threats grow more advanced, organizations in the manufacturing and energy sectors must adopt a multi-layered cybersecurity approach that combines tailored workforce training, AI-driven security solutions, and strategic cyber incident disclosure frameworks. Our DOE-sponsored cybersecurity certificate programs provide industry-aligned training in penetration testing, malware reverse engineering, AI-driven cybersecurity, protection CPS, IoT, ICS, and digital twinning. With real-world scenarios, hands-on labs, and different levels of training, these programs prepare employees and engineers to tackle the most pressing cybersecurity challenges. Through continuous research, industry collaboration, and AI-powered cybersecurity solutions, we can strengthen the local community, small and medium manufacturers, and the broader industrial ecosystem against cyber threats.
Read this article in our Integr8 Playbook, "Staying Ahead: Securing Industry From Cyber Threats," here.
