Throughout the supply chain, artificial intelligence promises to transform how organizations plan, produce, move, stock, sell and deliver all types of products, from candy bars to car parts. 

There are countless supply chain applications for AI systems that can absorb and analyze vast amounts of production and customer data. When integrated with information about traffic, economic indicators and even weather forecasts, AI offers companies the ability to anticipate, adapt and act with confidence.

Organizations today are actively assessing ideal AI use cases, starting with low-risk, high-return activities such as customer service and staff efficiencies. Warehouse operations are ripe for AI-powered automation, including systems to scan packaging labels, monitor refrigeration temperatures and manage inventory. Demand forecasting and plotting last-mile deliveries are all on the agenda. 

The potential benefits are clear. In food and beverage, better forecasting means less food waste and spoilage. In healthcare, medicines can be directed to where they’re most needed. And in retail, sales trends can be analyzed to avoid shortages of popular products or overstocking on out-of-fashion items.

Large language model-based chatbots are just the beginning. For enterprises, the future of AI is agentic, where autonomous agents carry out increasingly complex tasks.

Put simply, an AI agent is made up of three things: a purpose, brain and tools. The purpose is the task it’s been given (map efficient delivery routes, for example). The brain is the underlying AI model. And the tools can be digital (such as software and databases) or physical (such as sensors and scanners). 

Gartner forecasts that, by 2028, agents will be making 15% of day-to-day business decisions — equating to nearly one in six decisions. As agentic adoption accelerates, that proportion may even look conservative.

The Hidden Risks Within

Each new opportunity brings new challenges. Introducing AI to enterprises introduces new vulnerabilities, in the form of “attack surfaces” for bad actors to target and exploit. This issue is heightened in the supply chain, because different organizations along the chain are likely to be using multiple systems, with varying security standards and implementation.

In a supply chain, an attack — or even accidental misuse — can have an enormous impact. Imagine, for example, a logistics company that has adopted AI to optimize and manage deliveries, but without appropriate security in place. A targeted attack tweaks its optimization logic and trucks take the wrong routes. Deliveries are delayed. Fresh produce spoils. Retailers are left with gaps on their shelves. Customers lose trust. And revenue disappears — all because the system kept working, just badly. 

This is the unique danger of a cyberattack in the AI era: It doesn't have to break the system or take it offline, it can just mislead it. Given the nature of generative and agentic AI systems, the attack can be difficult to identify, and the damage can escalate in ways that aren’t obvious. 

If the product is high value and high impact, such as pharmaceuticals or mission-critical machine parts, the consequences are multiplied. There are many places to buy bread, but a shortage of high-tech medicines is not so easily overcome. 

AI to Secure AI

Bad actors are resourceful and inventive in identifying security gaps, so enterprises must be equal to the challenge. For supply chain transformation to succeed, the focus must go beyond the performance and cost of AI systems, and embrace an equal focus on security. 

Agentic systems need protection at two stages: thought and action. If the agent starts “thinking” the wrong things, either under attack or through misuse or malfunction, it should be stopped in its tracks. If it gets to the action phase, it must be policed to ensure any bad action is minimized.

Ironically, the best defense against AI-powered threats is to use AI itself to monitor and defend systems and agents in real time. Automated red-teaming should be utilized to test AI systems with simulated real-world attacks, in order to identify weaknesses and “corner cases” where unexpected outcomes occur. Crucially, this must be done pre- and post-production, keeping ahead of evolving threats. 

If attacks or malfunctions do progress, proactive defensive measures are essential to counteract the bad action, while remediation can reroute the AI system or agent towards its correct action. As AI adapts at speed, organizations are able to remain one step ahead, ensuring that proactive security measures are in place. A team with both strong offense and strong defense is hard to beat. 

Strengthening the Supply Chain

To prevent these scenarios, supply chain companies need to take a methodical approach to AI adoption, involving the following steps:

• Identification of if, and where, AI can help. Rushing to adopt AI is tempting but, like any implementation of new technology, the use case has to come first. 
• Consideration of the required controls. Any existing use case (such as route mapping or managing cold storage) will have existing security controls. Organizations must review and understand how they can be mapped to an AI solution, now and into the future.
• Selection of the proper model. Organizations should research AI model options and decide which is best for their specific use case, both in terms of solving the issue and offering fit-for-purpose security. 
• Proper installation. When the best combination of use case and model is selected, implement the required controls, and continuously test during the software development lifecycle with an appropriate AI red-teaming solution to ensure that the system is operating correctly. 
• Staying ahead of bad actors. Attacks styles and approaches evolve, so once the system is up and running, continuously evaluate against new and novel attacks, updating controls as needed.

As with any technology, AI is only an asset when it’s safe and secure. Without embedded, purpose-built protections, AI risks being the supply chain’s weakest link. 

James White is chief technology officer and president of CalypsoAI.