AI for Cybersecurity & Cybersecurity for AI

Focus Area leaders

Focus Area leader: Aristidis Kaloudis, NTNU

FA4

Artificial intelligence is reshaping both the threat landscape and the defensive capabilities available to critical sectors. In 2025, NORCICS expanded the scope of this focus area, previously centered on data analytics, to address the dual challenge of AI for cybersecurity and cybersecurity for AI. This evolution reflects the center’s strategic response to global developments, including the EU AI Act, the Digital Services Act, the Cyber Resilience Act, and the intensified threat environment highlighted in the midway evaluation panel’s report.

AI for cybersecurity encompasses the development of intelligent methods for detecting, analyzing, and responding to cyber threats in increasingly complex IT/OT environments. Research in this area advances machine‑learning‑based intrusion detection, anomaly detection in industrial control systems, predictive analytics for threat anticipation, and the integration of AI into cyber ranges and digital twins. These efforts support the midway evaluation panel’s recommendation to invest in innovative training and simulation methods for operators in critical sectors.

Cybersecurity for AI addresses the growing need to secure AI systems themselves. As AI becomes embedded in critical infrastructures, from autonomous decision‑support systems to sensor fusion and industrial automation, ensuring the integrity, robustness, and trustworthiness of these models becomes essential. Research activities include adversarial robustness, including understanding the infrastructure impacts of Large Language Model poisoning scenarios; adversarial prompting (e.g., Prompt Injection (PI) attacks, which enable attackers to override original instructions and bypass refusal training and other controls in place); secure model lifecycle management; privacy‑preserving learning across IT/OT boundaries; and compliance with emerging regulatory frameworks. These topics align with the midway evaluation panel’s call to initiate new projects in trustworthy AI and privacy in IT/OT convergence.

The focus area also contributes to NORCICS’ broader innovation agenda. AI‑enabled solutions developed within the center are increasingly integrated into spin‑off projects and industrial collaborations, supporting technology transfer and strengthening Norway’s cyber resilience. Doctoral candidates play a central role in this work, contributing to joint publications, cross‑task collaboration, and the development of new research initiatives.

By redefining this focus area, NORCICS positions itself at the forefront of a rapidly evolving field. The dual emphasis on leveraging AI for defense and securing AI‑driven systems ensures that the center remains aligned with international research trends, regulatory developments, and the needs of partners across critical sectors.