According to EY’s latest report, How Polish Companies Are Implementing AI, as many as 97% of manufacturing companies say they take cybersecurity into account when deploying artificial intelligence tools. Even so, industry—while ranking relatively high at 39% in terms of the use and implementation of AI for cyber protection—still lags behind other sectors such as trade (50%), energy (43%), and services (42%). This means that as advanced manufacturing continues to grow in Poland, including in areas such as dual-use products, the risk is also increasing that many plants will not be properly secured. Companies are investing in AI, but without adequate safeguards they are simultaneously increasing the risk of attack, especially in OT environments.
The EY study How Polish Companies Are Implementing AI covered the manufacturing, trade, services, energy, and financial and insurance sectors. The results showed that virtually all Polish manufacturing companies—97% in total, including 65% fully and 32% to a limited extent—take cybersecurity issues into account when implementing AI. A similar level of awareness was also recorded in the services sector, where 63% answered “yes” and 32% “yes, to a limited extent.”
Between innovation and security
More than half of industrial companies (54%) have implemented AI in their IT departments, a result close to the average across all sectors (51%) and placing manufacturing second among the industries surveyed. Energy remains the leader here at 60%. Another important area of AI application in manufacturing companies is marketing and market analysis, cited by 45% of respondents, followed closely by cybersecurity. Nearly four in ten companies (39%) say they use AI for this purpose. Compared with other industries, however, manufacturing is clearly less likely to implement AI directly in the cybersecurity area. Trade (50%), energy (43%), and services (42%) all outperform manufacturing, highlighting the sector’s potential to accelerate implementation.
“Manufacturers today operate in highly complex environments that combine OT and IT systems, dispersed locations, supply chains, and numerous technological integrations. Every such point of contact creates a potential attack vector. This is particularly important in dual-use production, for example drones or satellite technology components, where the risk of security gaps being exploited by unauthorized individuals during field operations is especially high. As a result, we can see that the industrial sector requires a greater understanding of production process resilience,” emphasizes Piotr Ciepiela, EY Partner and Leader of the Technology Consulting team.
AI as both a shield and a challenge for industrial cybersecurity
It is also worth noting that nearly one in three companies in the industrial sector (31%) has implemented AI in production processes, compared with an average of 22% across all surveyed industries. The EY study also showed that companies in this sector invest in a broad range of safeguards accompanying AI implementation: 39% have introduced procedural solutions, such as employee training, while 36% have implemented tool-based protections, such as data protection systems. However, only 19% use both types of safeguards at the same time. This clearly points to a competence and process gap.
“The development of AI affects the threat landscape, but it also introduces new mechanisms for defending IT/OT environments. It enables effective and detailed analysis of system and user behavior, identification of anomalies and deviations from normal patterns, and allows for the automation of a significant share of activities appropriately matched to a given incident. Detection and response times are therefore shortened,” says Leszek Mróz, EY Partner responsible for cybersecurity services in Poland.
Industry among the leaders in implementing AI policies
According to the EY study, industry is among the frontrunners when it comes to implementing policies governing the use of AI systems. Nearly 40% of companies (37%) have introduced a policy for publicly available tools, compared with an average of 30%, while almost half (49%) have also implemented policies for internal systems, compared with an average of 53%. This points to the growing organizational maturity of the sector.
“As advanced manufacturing develops further in Poland, the risk is also rising that many plants will not be adequately protected. Companies are investing in AI, but at the same time they are increasing their exposure to attack—especially in OT environments, where a single incident can halt an entire production line and cause real physical losses. The most resilient organizations are those that develop artificial intelligence in parallel across governance, threat detection, response automation, and risk management. Polish industry is making progress, but the pace of change in cybersecurity requires even faster deployment of advanced AI-based security tools,” adds Piotr Ciepiela.
About the study
The study How Polish Companies Are Implementing AI was conducted by CubeResearch on behalf of EY. The respondents included 499 Polish companies: 45% from the manufacturing sector, 33% from services, and 22% from trade. Of these companies, 56% were medium-sized and 44% were large enterprises. The third edition of the study was carried out in the final quarter of 2025.
