The UK faces a cyber threat that is growing in scale, speed and sophistication. Attacks from hostile states, organised crime and others are increasingly disrupting services, harming businesses and exposing sensitive data. Frontier AI is accelerating this trend, with the potential to shift the balance in favour of attackers – and with serious implications for defenders.
Securing our critical technology systems
We need to keep our critical technology systems secure against both existing and emergent cyber threats.
Existing threats
Today’s challenge is that there are many preventable weaknesses. We know that a large proportion of critical systems do not fully meet the aims set out in the Cyber Assessment Framework (CAF).
Many attacks still succeed because of basic vulnerabilities, including outdated or unsupported systems, delays in applying security updates, and weak controls over access to systems and data. These are well-understood risks, but they remain widespread, leaving the UK exposed to attacks that are often avoidable. This makes getting cyber security fundamentals in place now more important than ever.
Emerging threats
At the same time, the emerging challenge is that AI is changing how attacks are carried out, increasing their scale and speed.
AI is already helping attackers to conduct elements of offensive cyber activity, such as vulnerability discovery and reconnaissance at a much greater scale and faster pace. As a result, activities that once took weeks can now take minutes, reducing the time available for defenders to respond, detect and contain them. This increases the likelihood of successful attacks.




