News
17/06/26
Faster AI attacks call for greater resilience
Advanced AI models can speed up the process of identifying and combining vulnerabilities. As a result, organisations have less time to address vulnerabilities and mitigate incidents. Small and medium-sized enterprises in particular, with less advanced security or older systems, may be relatively more vulnerable. The AFM is therefore calling on organizations to strengthen their basic security, patch management, monitoring and incident response.
In short
• Attack chains are becoming faster and more sophisticated
• Less time to address vulnerabilities
• Greater pressure on medium-sized and smaller organisations
• Strong basic security and AI enhance cyber resilience
Attack chains are becoming faster and more sophisticated
Advanced AI models are becoming increasingly adept at identifying vulnerabilities, combining attack steps and carrying out sophisticated cyber tasks in controlled environments. Evaluations of Claude Mythos Preview show that such models are making progress in multi-step attack scenarios, whilst other cutting-edge models, including GPT‑5.5, are demonstrating similar development.Less time to address vulnerabilities
This development shortens the time between the emergence or discovery of a vulnerability and its potential exploitation. As a result, pressure is mounting on organizations to prioritize issues more quickly, fix vulnerabilities and, where necessary, put in place temporary protective measures. This calls for faster security updates, better monitoring and a well-structured approach to incidents. Early detection, limiting the impact by isolating systems from one another, and regularly testing systems accessible via the internet are therefore becoming even more important.Greater pressure on small and medium-sized organizations
Medium-sized and smaller organizations in particular, with less advanced security or older systems, may be relatively more vulnerable to this development. It is particularly important for this group to have at least basic capabilities to detect anomalies, set up logging of administrative actions and configure alerts for the highest-risk events.Stronger basic security and AI enhance cyber resilience
Although the threat landscape is changing, basic digital security measures remain as important as ever. These include multi-factor authentication for external access, a clear understanding of systems accessible via the internet, and careful management of access rights and administrative accounts. At the same time, organisations can explore how AI can be used to strengthen their own cyber resilience, for example to identify, prioritise and resolve vulnerabilities more quickly.
Contact for this article
Would you like to receive the latest news from AFM?
Subscribe to our newsletter, we will keep you up-to-date.