Jayant Dave, Chief Information Security Officer of Check Point Software, explores the concept of the AI Factory, and how that has spawned a new security blindspot.

As artificial intelligence transitions from experimental pilot programmes to the core engine of enterprise operations, the “AI Factory,” a new class of purpose-built, large-scale data center, has emerged.

An “AI Factory” is a specialised, industrial-scale digital infrastructure that automates and streamlines the entire lifecycle of artificial intelligence, from collecting raw data to deploying and managing AI models, essentially industrialising intelligence creation for high-volume output, much like a manufacturing plant for AI-driven insights and applications. It integrates robust data pipelines, high-performance computing (GPUs), software, and MLOps (Machine Learning Operations) to efficiently build, train, scale, and serve complex AI models for real-world tasks, acting as a strategic asset for innovation. 

However, this rapid scaling has birthed a critical blind spot: AI runtime security.

For the modern CIO, the challenge is no longer just about procuring enough GPUs (graphics processing units); it is about ensuring that the massive workloads running on them aren’t compromised by prompt injections, model poisoning, or infrastructure breaches. The recent collaboration with NVIDIA may serve as a blueprint for how infrastructure and security leaders can jointly protect the AI pipeline without the “performance tax” that traditionally plagues security integrations.

The Visibility Gap in AI Infrastructure

The scale of the threat is already manifesting in the data. According to recent Gartner findings, 32% of organisations have already weathered AI attacks involving prompt manipulation. Perhaps more concerning for infrastructure teams is that 29% have faced direct attacks on their GenAI infrastructure in the last year. Nearly 70% of cyber security leaders said emerging GenAI risks demand significant changes to existing cyber security approaches.

Traditional security measures are often “AI-blind,” unable to parse the unique traffic patterns of the Model Context Protocol (MCP) or the nuances of Retrieval-Augmented Generation (RAG). This has left nearly half of organisations (49%) reporting high levels of concern regarding their current vulnerabilities, as revealed in a recent survey by Lakera.

A New Architecture: Security at the Speed of Light

The security paradigm for an AI factory should shift from an “add-on” to a foundational element.

Zero-Impact Infrastructure Security

Traditionally, deep packet inspection and runtime monitoring consume significant CPU/GPU cycles. By leveraging NVIDIA DOCA Argus telemetry, security processing is offloaded to the BlueField DPU. The result is real-time monitoring and workload isolation that secures the AI factory without consuming the precious GPU capacity needed for model training and inference.

Protecting the “Agentic” Application Layer

As AI moves from passive chatbots to autonomous “Agentic AI” that interacts with enterprise systems, the attack surface expands. Using insights from an AI red-team platform, the Web Application Firewall (WAF) provides runtime protection for LLM inputs and outputs, effectively stopping AI application threats, including prompt injection, jailbreaking, and LLM poisoning at the source.

Governing the Human Element

Security is only as strong as its weakest user. The “User Layer” of this collaboration ensures that as employees adopt GenAI tools, the CIO maintains a clear audit trail for regulatory compliance. Real-time prevention of sensitive data leakage (DLP) ensures that proprietary code or customer data doesn’t end up in public model training sets.

The Strategic Takeaway for CIOs

The era of siloed decision-making, where infrastructure teams buy hardware and security teams “wrap” it later, is over. To build a resilient AI factory, leadership must focus on three pillars: visibility, isolation, and performance.

The focus area for the visibility pillar is network and host telemetry, where the CIO prioritises the identification of shadow GenAI and unauthorised MCP servers. The focus area for the isolation pillar is micro-segmentation, where the CIO prioritises the prevention of lateral movement between sensitive AI workloads. Lastly, the focus area for the performance pillar is DPU integration, where the CIO ensures that security scales linearly with AI traffic without latency.
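As an added illustration of the visibility pillar (example code written for this edit, not code from the article, Check Point or NVIDIA): a small Python audit that walks constructed egress-proxy records, flags MCP `initialize` handshakes sent to servers missing from an assumed inventory, and flags GenAI SaaS hosts outside an assumed allowlist. The log field names, both allowlists and the keyword hints are assumptions; the MCP handshake shape (JSON-RPC 2.0, method `initialize`, params carrying `protocolVersion` and `clientInfo`) follows the public MCP specification.

```python
import json

# Assumed inventories a CIO's team would maintain (placeholders, not real assets).
APPROVED_GENAI_HOSTS = {"api.openai.com"}        # sanctioned SaaS LLM endpoints
APPROVED_MCP_SERVERS = {("10.20.5.9", 8080)}     # sanctioned MCP servers (host, port)
GENAI_HOST_HINTS = ("openai", "anthropic", "llm", "gemini")  # crude hostname hints

def _rec(src, dst, port, user, body=None):
    """Build one constructed proxy log line (JSON) with an optional request body."""
    return json.dumps({"src_host": src, "dst": dst, "port": port, "user": user,
                       "body": json.dumps(body) if body else ""})

_INIT = {"jsonrpc": "2.0", "id": 1, "method": "initialize",
         "params": {"protocolVersion": "2025-03-26", "clientInfo": {"name": "ide-agent"}}}
_CALL = {"jsonrpc": "2.0", "id": 7, "method": "tools/call", "params": {"name": "read_file"}}

# Constructed sample telemetry: sanctioned LLM use, shadow LLM use, a sanctioned MCP
# handshake, an MCP handshake to an uninventoried server, and a later tool call.
SAMPLE_LINES = [
    _rec("dev-ws-17", "api.openai.com", 443, "alice"),
    _rec("dev-ws-17", "chat.example-llm.io", 443, "alice"),
    _rec("build-42", "10.20.5.9", 8080, "svc-build", _INIT),
    _rec("build-42", "10.20.7.3", 9000, "svc-build", _INIT),
    _rec("rag-node-3", "10.20.5.9", 8080, "svc-rag", _CALL),
]

def is_mcp_initialize(body):
    """True when body is an MCP initialize request: JSON-RPC 2.0 + protocolVersion/clientInfo."""
    try:
        msg = json.loads(body)
    except (TypeError, ValueError):
        return False
    if not isinstance(msg, dict):
        return False
    params = msg.get("params") or {}
    return (msg.get("jsonrpc") == "2.0" and msg.get("method") == "initialize"
            and "protocolVersion" in params and "clientInfo" in params)

def audit(lines):
    """Return (finding, source host, destination, user) tuples for unsanctioned AI traffic."""
    findings = []
    for line in lines:
        r = json.loads(line)
        dst, port = r["dst"], r["port"]
        if is_mcp_initialize(r.get("body")) and (dst, port) not in APPROVED_MCP_SERVERS:
            findings.append(("unauthorised_mcp_server", r["src_host"], f"{dst}:{port}", r["user"]))
        elif port == 443 and any(h in dst for h in GENAI_HOST_HINTS) and dst not in APPROVED_GENAI_HOSTS:
            findings.append(("shadow_genai", r["src_host"], dst, r["user"]))
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_LINES):
        print(f)
```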

This integration shows that high-performance AI and robust cyber defence are not mutually exclusive. For the C-suite, the message is clear: the AI revolution will be secured at the runtime level, or it will not be secured at all.


Jayant Dave is the Chief Information Security Officer of Check Point Software, a provider of cyber security solutions. He holds both CISSP and CISM certifications, and previously led global cybersecurity initiatives at Citibank Asia Pacific.
