What You Need to Know — and Do — Now
Frontier AI capabilities can now weaponise IT weaknesses in “a matter of minutes or hours,” the European Systemic Risk Board warned this week when it elevated the status of systemic cyber risk to “severe.” This warning aligns with other recent regulatory announcements, including a joint statement last month by the Five Eyes cybersecurity agencies that AI is accelerating the speed, scale and sophistication of cyber threats and may transform offensive and defensive capabilities in a matter of months, not years.
Most recently, the European Central Bank sent a letter on 7 July 2026 to key lenders in the eurozone warning that the financial services sector needed to produce comprehensive action plans addressing AI-driven cyber risk by the end of October — the most prescriptive response yet by any major central bank to the AI-charged cybersecurity threat.
The release of Anthropic’s Claude Mythos Preview in April 2026 ushered in a new reality where the window between vulnerability disclosure and active exploitation is no longer weeks or months, but potentially minutes. Anthropic identified that its new model was capable of autonomously discovering zero-day vulnerabilities and writing code to exploit them at superhuman speeds. Regulators today are increasingly focused on the potential risks and harms that these advanced AI models may facilitate. For all commercial organisations, this evolution presents an immediate escalation in legal risk, regulatory exposure, and organisational liability that demands urgent attention.
This article sets out the nature of the new AI-driven threat environment, examines its implications for legal and compliance functions, and provides practical guidance on the steps organisations should be taking now — and planning for in the months ahead.
The Evolving AI-Charged Threat Landscape
Until recently, vulnerability management operated on a relatively predictable cadence. Security teams scanned periodically, patched often on monthly cycles, and maintained backlogs that, whilst never ideal, were broadly manageable. That paradigm has ended. AI models are now capable of identifying critical software flaws at a speed and scale that human-led security teams cannot match.
The threat is multifaceted. First, offensive AI capabilities are currently developing faster than defensive measures, widening asymmetric risk. In Anthropic’s Project Glasswing testing, Mythos not only discovered individual bugs in the Linux kernel — the software that runs most of the world’s servers — but chained multiple vulnerabilities together to allow an attacker to escalate from ordinary user access to complete machine control. This is a qualitative step-change: where legacy vulnerability management addressed one flaw at a time, agentic AI’s ability to combine low- or medium-severity issues into high-impact attack chains demands accelerated detection and remediation processes.
Second, AI dramatically lowers the cost and time that a threat actor needs to weaponise known vulnerabilities. In some reported cases, AI has shrunk the time from initial account takeover to ransomware deployment to mere minutes. Nation-state actors are also starting to leverage agentic AI to move across the cyber kill chain at previously unseen speeds, the head of the FBI’s Cyber Division recently noted. The most dangerous threat actors today are not defined by the sophistication of their code; they are those who integrate intelligence and technology into a single, continuous system that achieves their criminal goals in the shortest time possible.
Third, these advanced capabilities are not confined to a single model or provider. A Chinese AI model released in June 2026 has reportedly matched Mythos in vulnerability discovery — and unlike Mythos, it is an open-weight model that can be downloaded, modified, and used without the AI developer’s supervision. Even pre-Mythos AI models have demonstrated significant exploitation capabilities — researchers in a widely reported experiment built clones of 30 corporate websites with manufactured vulnerabilities, and tested 33 AI models; a majority of the models identified and exploited the vulnerabilities without receiving any hacking instructions. This week, OpenAI publicly launched its advanced GPT-5.6 model, having received the green light to do so from the U.S. government.
Finally, the deployment of AI systems itself expands an organisation’s attack surface. Earlier this year, the security startup CodeWall undertook AI-based vulnerability scanning research against a few major consulting firms. The exercise swiftly identified critical vulnerabilities in the firms’ AI-powered data platforms, highlighting the risk created as organisations deploy AI agents that interact with their internal systems, APIs, and sensitive data, and adopt AI systems that concentrate access to large volumes of sensitive data in a single system.
For any legal function, the critical takeaway is clear: the modern AI era has removed the grace periods that organisations previously relied upon to close existing gaps. With adversaries able to operate at machine speed, the exposure window has compressed to hours and minutes. Regulators have taken note and recast cyber resilience as a core business risk and leadership responsibility, not a technical issue to be punted to security teams.
Legal and Regulatory Exposure
The legal and regulatory implications of AI-driven cyber threats span multiple jurisdictions with varying requirements. The European Union has moved furthest and fastest on regulating AI and establishing prescriptive obligations that treat cybersecurity as a structured strategic compliance function. The United Kingdom is developing its framework under existing data protection law, reinforced by the Five Eyes joint statement. In the United States, federal AI governance currently relies on a combination of executive orders, agency enforcement under existing statutes, voluntary frameworks, and sector-specific guidance, with legislative movement at the state level.
European Union. The EU NIS 2 Directive (Directive (EU) 2022/2555) and EU AI Act impose complementary requirements around cybersecurity for AI systems deployed in critical infrastructure. NIS 2 addresses the cybersecurity posture of organisations in critical sectors, and mandates tiered incident notification that requires an early warning within 24 hours of awareness of a significant incident. NIS 2 also requires covered entities to implement proportionate cybersecurity measures that are calibrated to the “state-of-the-art,” among other factors, and that reflect an “all-hazards” approach to managing a range of risks. Management bodies must approve cybersecurity risk-management measures and oversee their implementation, and an organisation’s failure to comply or report incidents correctly can result in severe financial penalties. The EU AI Act, which addresses the governance, safety, and trustworthiness of AI systems themselves, creates parallel obligations where high-risk AI systems are deployed in NIS 2-covered sectors, requiring integrated risk management processes that address cybersecurity and AI-specific risks.
United Kingdom. The UK’s developing position — anchored in existing data protection law but informed by the operational urgency that the Five Eyes agencies have articulated — means that the reasonableness of an organisation’s security measures will increasingly be assessed against what was technically possible and commercially available at the time of an incident, including AI-augmented defensive tools. Under UK GDPR and the Data Protection Act 2018, organisations are required to implement appropriate technical and organisational measures to ensure a level of cybersecurity appropriate to the risk. The Five Eyes statement reinforces why that standard is likely to become more demanding in practice, as shrinking exploitation timelines increase risks.
United States. The U.S. cybersecurity regulatory landscape on AI has been shaped by a succession of executive orders aimed at standardising national policy, with sectoral oversight on AI cybersecurity governance — especially within the financial sector — and a growing patchwork of state-level AI regulations. Across all sectors, existing cybersecurity frameworks are being stretched to cover AI, with binding requirements in development. The SEC has identified controls to mitigate risks associated with AI as an examination priority for fiscal year 2026, signaling that registrants should expect scrutiny of their AI-related cybersecurity governance. The New York Department of Financial Services (NYDFS) recently issued industry letters addressing heightened cybersecurity risks associated with frontier AI models. Whilst these letters do not impose new regulatory requirements, NYDFS has historically given such guidance practical supervisory and examination significance.
Simultaneously, a national cyber incident reporting rule for critical infrastructure entities continues to advance. CISA is expected to issue its final rule for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) in September 2026, with a specified later effective date. Once in effect, the law will require covered entities to report cyber incidents to CISA within 72 hours and ransomware payments within 24 hours — in an environment where AI-enabled attacks are expected to be significantly more frequent and faster-moving.
At the state level, Colorado’s superseded AI Act, and recent AI governance legislation in California, Connecticut, Illinois and New York represent early efforts to impose obligations around AI risk management, transparency, and accountability. The direction of travel: compliance teams should anticipate an increasingly layered and crossing-U.S. regime in which executive branch frameworks, federal examination priorities, and state-level AI laws intersect in different ways based on sector.
Immediate Steps to Take Now
It is time-critical for organisations to consider their cybersecurity posture in four immediate areas:
Establish governance authority and decision rights. Identify a single-point decision authority with delegated power to override normal change management processes during critical events. Ensure that crisis governance frameworks clearly allocate who decides what gets patched first and who can authorise emergency remediation outside standard maintenance windows. The point is not merely escalation efficiency; the Five Eyes agencies expressly urge leaders to understand risk, readiness, and accountability and to empower cyber leaders with authority and resources. If these questions cannot be answered clearly today, that is itself a finding that should be escalated.
Conduct an enterprise-wide AI risk assessment. This means going beyond dashboard summaries to examine the raw vulnerability backlog — with age, severity, and coverage gaps documented. It also means ensuring that the organisation maintains an accurate, continuously updated inventory of technology and data assets, including AI agents and non-human identities operating within the estate. The assessment should test whether foundational zero-trust controls are genuinely reducing the attack surface: unnecessary external connectivity should be challenged, legacy and unsupported systems should be treated as strategic liabilities, identity and access permissions should be tightened, and patching processes should be accelerated for exposed or operationally critical systems.
Review third-party AI vendor contracts and assessments. Organisations should contact critical vendors to confirm they are remediating disclosed vulnerabilities and should add AI-driven vulnerability management capability to third-party security assessment criteria. Existing contractual provisions around security standards, notification obligations, and audit rights should be reviewed to ensure they are fit for purpose in the current threat environment. Where a vendor develops, deploys, or supports AI-enabled systems, procurement and legal teams should also test whether secure-by-design and secure-by-default commitments are committed to contract and are auditable, rather than treated as aspirational principles.
Band together for common defence. Organisations should develop robust relationships with regulators, law enforcement, industry peers, and the developers of their chosen AI-models. AI developers are themselves keenly focused on these developments and can be invaluable allies in understanding incidents, along with the more traditional approach of demonstrating a commitment to reasonable security prior to incident by partnering with your regulators, federal law enforcement, peer security personnel, and key outside advisors who each share a different perspective on the issue. In the U.S., an executive order issued last month requires the Treasury Department to form an AI cybersecurity clearinghouse to coordinate software vulnerability scanning and prioritise remediation and distribution of patches. Organisations that position themselves to participate in and act on clearinghouse output will be ahead of the curve.
Update incident response plans. Crisis response must be re-wired before it is needed. Contingency plans should assume worst-case scenarios, including unaddressed third-party vulnerabilities, and should be tested against the new reality of hours-not-weeks exploitation timelines. The Five Eyes statement is explicit that breaches will occur and that preparedness is what allows organisations to contain them quickly and prevent escalation into operational and financial crises. The second line of defence should update the cyber risk framework to reflect the new AI-driven threat baseline and validate that existing controls remain accurately rated given the capabilities now available to attackers.
Longer-Term Strategic Planning
Beyond the immediate crisis response, additional structural changes should be considered, including:
Embedding AI security within enterprise risk frameworks. Risk frameworks should be updated to reflect that 30-day patch service level agreements are no longer viable for exposed or agent-reachable assets. Segmented SLAs — distinguishing between critical, actively targeted systems and lower-risk assets — should be developed, with target remediation timelines compressed to 24 hours for the highest-severity vulnerabilities. Those frameworks should also recognise that resilience cannot rest on a single tool or vendor. Defence in depth, secure-by-default engineering, and regular reassessment of emerging zero-day risk should be built into security policy, investment decisions, and board reporting.
Building cross-functional AI governance structures. Create a task force with dedicated roles spanning technical execution, validation, executive liaison, and AI automation governance. Legal and compliance representation within these structures is critical, particularly in relation to decisions around autonomous agent actions, approval gates, and the conditions under which AI systems may operate without human intervention. Closing the gaps between the first and second lines of defence will be crucial to moving rapidly.
Extending zero-trust principles to non-human identities. As organisations deploy AI agents with increasing autonomy, those agents require scoped credentials and behavioural monitoring equivalent to — or exceeding — that applied to human users. An agent registry with active human supervision and kill-switch controls on every consequential agent action should be a minimum requirement.
Engaging proactively with emerging regulation. Regulatory frameworks are evolving rapidly across all major jurisdictions. In the EU, the NIS 2 Directive, and the AI Act, among others, are creating an increasingly dense compliance environment. In the U.S., the combination of SEC examination priorities focused on AI-related cyber risks, NYDFS supervisory guidance on frontier AI models, and state-level AI governance legislation is producing a layered regime that rewards early engagement. CISA has issued substantial voluntary AI cybersecurity guidance through joint publications with international partners. The legal function should be monitoring regulatory developments, engaging with industry consultations, and ensuring that the organisation can generate board-level attestation on vulnerability posture and AI governance from the outset.
Planning for governed autonomy. From a defensive perspective, adversaries are already using AI to move faster, and organisations that integrate AI into security operations can detect vulnerabilities earlier, improve software quality, monitor unusual behaviour, and respond faster to incidents. The Five Eyes agencies are explicit that this is not optional. Success will come from getting the basics right, acting quickly, and integrating cybersecurity into core business strategy, and defenders must use AI deliberately to strengthen defence rather than merely improve efficiency. The trajectory is clear: organisations will need to move from full human control, through AI-assisted remediation, to a steady state where AI handles the majority of routine remediation autonomously under human governance. Now is the time to be working on developing the policy frameworks, decision rules, and oversight processes that will govern this transition safely — ensuring that accountability remains clearly allocated at every stage.
Conclusion
The developments described in this article are not prospective risks to be monitored from a distance. They represent a present and material change in the threat environment that demands immediate action.
Cyber resilience is now inseparable from operational continuity, market trust, and long-term organisational value. The legal function of the business is uniquely positioned to drive the governance, accountability, and cross-functional coordination that this moment requires.
Organisations that act decisively now — establishing clear decision rights, compressing remediation timelines, embedding secure-by-design expectations, and building governance frameworks fit for machine-speed threats — will be best positioned to manage the legal, regulatory, and commercial consequences of a world in which cybersecurity, both offensive and defensive, is increasingly AI-driven.
Subscribe to Ropes & Gray Viewpoints by topic here.
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.


