Legal & Compliance · Energy, Utilities & Ports

Critical-infrastructure AI is now an enforcement category.

Tokto records every model decision, every operator prompt, every vendor AI call, and every port-or-grid AI integration, ready for FERC, NERC, TSA, CISA, MARSEC, and the AG.

What keeps you up at night

A NERC audit asks for the AI history behind a CIP-007-7 violation. The OT team has logs. The IT team has logs. The AI vendor has none of it tied to an asset. The penalty exposure runs to $1 million per day per occurrence.

  • Every model decision tied to an asset, an operator, an event, a model version, and an operating state.
  • A complete record for FERC, NERC, TSA, CISA, MARSEC, and opposing counsel on the same evidence.
  • Policy at the model: no grid telemetry past boundary, no port manifest past contract, no ICS command without approval chain.
  • Defensibility under NERC CIP, TSA SDs, CISA mandates, FERC enforcement, and the FTC at the same time.
  • NERC CIP penalty exposure at $1M+/day/violation. No AI record to reduce the order.
  • A Port of Seattle-class ransomware traced through an AI integration. The carrier of record is named.
  • A CIP-013-2 supplier event through a vendor co-pilot. The audit trail is missing the AI layer.
  • A state AG opens a critical-infrastructure privacy enforcement on port carrier data. No model record to defend.

Tokto governs the AI surface of the utility and the port. Control-room co-pilots, field-engineer assistants, scheduling models, vendor AI tools: all become records at the moment they fire. The record carries the asset, the operator, the event, the operating state, and the policy that applied. The GC controls one trail across IT, OT, and AI.

When NERC opens a CIP enforcement, when CISA asks what the AI did before the incident, when MARSEC asks how port manifests were governed, the record is the same record. The GC answers in days, not penalty exposures.