Artificial Intelligence (“AI”) is increasingly used in the Communications Sector to enhance cybersecurity, improve network management, and enable new efficiencies. This report examines AI’s role in the sector, its development lifecycle, associated risks, and strategies for securing AI systems.
AI technologies—ranging from expert systems to generative AI—offer significant opportunities, including network automation, anomaly detection, predictive maintenance, and incident response. These benefits also carry risks: AI can be exploited by attackers to scale cyberattacks and reduce their detection. Emerging threats include AI-enabled phishing, malware generation, vulnerability discovery, and payload generation. Additionally, adversarial machine learning (“AML”) introduces unique attack vectors such as evasion, poisoning, privacy breaches, prompt injection, and supply chain compromises. Agentic AI further expands this risk surface by enabling systems that can autonomously plan, chain actions, invoke tools, and interact with external systems.
Organizations commonly integrate security throughout secure AI development frameworks. These typically involves several stages throughout the AI development lifecycle, including secure design, development, deployment, and ongoing oversight. As AI-enabled attacks evolve, defensive strategies observed in the industry combine traditional cybersecurity measures with AI-based tools, often guided by frameworks at the National Institute of Standards and Technology (“NIST”), MITRE ATLAS, and others. Collaboration within sector communities, such as the Communications Sector Coordinating Council (“CSCC”), continues to play a key role in sharing insights, strengthening resilience, and supporting secure adoption of AI technologies.
