May 26, 2026 - Swedish eTrade platform signs an agreement for vulnerability scanning. May 21, 2026 - Swedish software producer signs agreement for continuous pentesting. May 20, 2026 - Swedish CRM producer signs an agreement for continuous penetration testing. May 16, 2026 - eBuilder signs an agreement for SOC/MDR with a TechHub. May 11, 2026 - eBuilder signs an agreement for SOC/MDR and automated pentests with a company in the publishing business. May 8, 2026 - eBuilder signs a pentest agreement with a leading petrochemical producer. April 8, 2026 - eBuilder signs an agreement for MDR/SOC with a hotel business. March 13, 2026 - eBuilder signs an agreement for SOC-operations with a Swedish municipality. May 26, 2026 - Swedish eTrade platform signs an agreement for vulnerability scanning. May 21, 2026 - Swedish software producer signs agreement for continuous pentesting. May 20, 2026 - Swedish CRM producer signs an agreement for continuous penetration testing. May 16, 2026 - eBuilder signs an agreement for SOC/MDR with a TechHub. May 11, 2026 - eBuilder signs an agreement for SOC/MDR and automated pentests with a company in the publishing business. May 8, 2026 - eBuilder signs a pentest agreement with a leading petrochemical producer. April 8, 2026 - eBuilder signs an agreement for MDR/SOC with a hotel business. March 13, 2026 - eBuilder signs an agreement for SOC-operations with a Swedish municipality.
Company News
AI & Emerging Tech

Five Eyes Warns AI Will Outpace Cyber Defences Within Months

Erik Berg
June 24, 2026 6 min read

The Five Eyes intelligence alliance has issued a joint warning that AI-powered cyberattacks are advancing faster than most organizations’ defences can adapt and that the window to close that gap is measured in months. The statement comes from FIORC, the Five Eyes Intelligence Oversight and Review Council, whose members include the oversight bodies of the United States, United Kingdom, Canada, Australia and New Zealand.

The Record reported the advisory on 22 July 2025. The core finding is not that AI attacks are coming. It is that the pace of frontier AI development means threat assumptions written into security policies and incident response plans today may already be obsolete.

“The rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years,” the advisory states. That sentence deserves to be read twice by anyone who last reviewed their organization’s threat model before the current generation of large language models and autonomous agent frameworks entered widespread deployment.

What the Advisory Actually Says

FIORC identifies two distinct AI risk categories that it treats as qualitatively different from earlier automation threats. The first is the acceleration of existing attack methods, AI compresses the time between vulnerability discovery and active exploitation, reduces the skill required to conduct phishing, social engineering and reconnaissance at scale and enables attackers to iterate faster than defenders can patch or detect. “It lowers barriers for malicious actors and increases the speed and complexity of attacks, shrinking the window between vulnerability discovery and exploitation ever more quickly,” the advisory states directly.

The second risk category is newer and less well understood, autonomous agentic AI. These are systems that can plan, execute multi-step tasks and interact with external services without continuous human direction. FIORC flags agentic AI as a distinct threat class, not simply a faster version of existing automation. An autonomous agent that can chain reconnaissance, credential access, lateral movement and exfiltration into a single uninterrupted workflow represents a fundamentally different operational tempo than anything current security operations centres are staffed or tooled to handle.

No specific CVEs are named. No affected products are identified. The advisory is a strategic warning, not a technical bulletin. That is worth stating plainly because several outlets have covered it with a specificity the document does not support.

A Rare Document From an Oversight Body, Not a Sales Team

FIORC is not a threat intelligence vendor. It is the joint council of the Five Eyes’ civilian intelligence oversight bodies which exist specifically to scrutinize their respective intelligence communities. A joint public advisory from this body is structurally different from the vendor-issued threat reports that flood the security industry. There is no product to sell here. The skepticism I normally apply to private firm threat reports does not apply in the same way, though the advisory’s lack of technical specificity limits how directly organizations can act on it.

Bank Info Security, which covered the advisory on 22 July 2025, noted that the agentic AI framing in the FIORC statement aligns with concerns being raised separately by CISA and ENISA about AI systems operating in enterprise environments with insufficient human oversight. That convergence across independent government bodies gives the warning more weight than a single agency assessment would carry.

The Governance Gap Is Bigger Than the Technical Gap

The organizations most exposed to AI-accelerated attacks are not necessarily those with the weakest technical controls. They are the ones whose security governance has not kept pace with their AI adoption. If your organization has deployed AI-assisted development tools, customer-facing chatbots or any agentic workflow automation in the past 18 months without a corresponding update to your threat model, your incident response plan is working from assumptions that no longer reflect your actual attack surface.

The practical implication of the FIORC warning is not that every organization needs to immediately acquire AI-powered security tooling. Vendors will make that argument loudly in the coming weeks and it should be evaluated with the usual skepticism about products sold in response to fear. The actual implication is narrower. Review what AI systems you have deployed, what data they can access, what actions they can take autonomously and whether your detection and response capability would catch a compromised agent operating within normal-looking behavioural parameters.

Incident response plans that do not account for AI-accelerated phishing or agentic attack scenarios are not compliant with the spirit of NIS2’s Article 21 requirements, regardless of whether they satisfy the letter of a checklist. MSB has not yet issued specific guidance on AI threat integration into risk assessments but the FIORC advisory gives Swedish essential entities a documented basis for treating this as a board-level risk management question rather than a future consideration.

Three Questions Before the Next Board Meeting

The FIORC advisory does not come with a patch to apply. What it does provide is a documented prompt for three specific governance actions that any in-scope organization should be able to answer before its next board meeting.

  1. When was your threat model last updated and does it reflect AI-assisted attack techniques including automated spear-phishing, AI-generated deepfake social engineering and autonomous lateral movement? If the answer is more than 12 months ago, it needs revisiting.
  2. What agentic AI systems does your organization operate or have contracted access to and what is the maximum autonomous action any of those systems can take without human approval? If you do not have a complete answer, you have an inventory problem before you have a security problem.
  3. Does your incident response plan define detection and escalation procedures for an AI-assisted attack, including scenarios where the attack volume or speed exceeds what your current SOC staffing can triage manually? If it does not, update the plan and test it.

CISA’s guidance on AI security, published earlier in 2025 in coordination with allied agencies including the UK’s NCSC, covers baseline controls for organizations deploying AI systems. That document is more technically specific than the FIORC advisory and is the more useful operational reference. It is linked in the references below.

References

  1. Five Eyes Agencies Sound Alarm About AI’s Threat to Cybersecurity
  2. Bank Info Security: Five Eyes Sound Alarm on Autonomous AI Security Risks
  3. AI on Pace to Bypass Cybersecurity Systems in Months, Not Years, Five Eyes Spy Partners Warn
  4. Guidelines for Secure AI System Development (joint publication with NCSC and allied agencies)

This post is also available in: Svenska

Erik Berg

Erik Berg is CTO and Principal Security Architect at eBuilder Security, with more than a decade in blue team security operations across the private and public sectors, and a focus on emerging threats including the security risks that come with AI.

More from this author →

More in AI & Emerging Tech

All cyber news