Why cyber defenders need to be ready for frontier AI

Summary

Frontier AI models — the most capable generative systems — are already shifting the cyber threat landscape. Research by the National Cyber Security Centre and the AI Security Institute shows that these models can automate parts of complex attacks, reducing cost and time for adversaries. In tests up to March 2026, leading models made large strides: the best model completed significantly more steps of a 32-step simulated enterprise attack than models from 18 months earlier, and a full attempt now costs roughly £65.

Despite rapid improvement, current models still struggle with end-to-end complex operations: they lose context over long runs, hit specialised knowledge limits (reverse engineering, cryptography, malware), and produce inconsistent results. Crucially, defender advantages remain — notably the ability to shape the environment, share detections, and deploy monitoring that can spot AI-driven activity.

Key Points

  • Frontier AI can automate parts of cyber operations, lowering skill barriers for attackers.
  • Recent evaluations show major capability gains: the best model in early 2026 completed many more attack steps than its predecessors.
  • Running complex AI-enabled attacks is getting cheaper — estimated ~£65 for a full simulated attempt in these tests.
  • Current limitations include processing time, specialist knowledge gaps, context loss over long tasks, and inconsistent outputs.
  • Defenders should assume some attackers already use capable AI tools and respond accordingly.
  • Defensive uses of AI with high impact: reducing attack surface (faster vulnerability discovery/remediation), improving detection and investigations, and automating containment/response.
  • Automated responses can speed containment but introduce risks (service disruption, data loss) if poorly designed.
  • Strong baseline cyber security (accurate asset inventories, access controls, secure configuration, comprehensive logging) remains essential — AI amplifies both strengths and weaknesses.

Context and relevance

This post is aimed at cyber security professionals, risk owners and decision makers across public and private sectors. It explains where frontier AI is likely to change both attack and defence practices, and why defenders have a structural advantage if they invest in monitoring, collaboration and secure AI deployment. The note ties into broader government guidance (eg the Code of Practice for the security of AI) and points to forthcoming updates to NCSC guidance on intelligent security tools.

Why should I read this?

Short and blunt: if you care about keeping your org safe, read this. AI is already changing the attacker playbook and it’s cheap to run. The blog saves you time by laying out where AI helps attackers, where it helps defenders, and what practical basics stop AI from turning into a catastrophe. No hype — just what to focus on now.

Source

Source: https://www.ncsc.gov.uk/blogs/why-cyber-defenders-need-to-be-ready-for-frontier-ai