Local artificial intelligence can help OT teams improve anomaly detection without sending sensitive operational data outside constrained environments. For utilities and regulated operators with limited cloud access, physical space restrictions and site-specific requirements, machine learning can augment existing controls by identifying unusual traffic, protocol activity and compromised engineering assets.

This session, led by Corbin Jarms, lead OT cybersecurity engineer at Avista, will cover:

• How local AI and machine learning can support OT anomaly detection using existing firewall syslog and network data;
• How statistical, behavioral, host-level and OT protocol detections identify rare, shifted or suspicious activity across industrial environments;
• How maintenance windows, inventory data and tunable detection logic help reduce noise while improving threat hunting and response.