Leaders of the “Five Eyes” cybersecurity agencies from Australia, Canada, New Zealand, the United Kingdom, and the United States have united to issue a “call to action” that “the evolving landscape of artificial intelligence (AI) is rapidly transforming cyber risk, and we must act swiftly to remain ahead.”
The agencies state that AI “accelerates the speed, scale, and sophistication of cyber threats…In this environment, cyber resilience is integral to advancing business continuity, market confidence, and long-term value.”
The agencies urge leaders of all industries to
“Success will come from getting the basics right, acting quickly, and integrating cybersecurity into core business strategy,” the agencies state. “Those that do not will face growing operational and strategic disadvantage. The urgency is clear: AI is not a future consideration—it is already here.”
They state that “cyber resilience is not an IT issue—it is central to operational continuity and market trust. Leaders who act now will reduce exposure, strengthen resilience, and build confidence with customers, partners, and investors. Those who delay will face growing and avoidable risk.”
The agencies recommend numerous actions to reduce operational, financial and reputational exposure, including reducing attack surface, accelerating patching processes, addressing legacy systems, reviewing and strengthening identity and access controls, and preparing for incidents before they happen.
Read the entire Five Eyes statement here.
The American Hospital Association (AHA) issued a statement regarding the call to action:
“This important advisory from leaders of the world’s most trusted domestic and international cybersecurity agencies amounts to a clear and stark warning for the private sector,” said John Riggi, AHA national advisor for cybersecurity and risk. “Cyber adversaries are using AI to increase the speed, sophistication and severity of cyberattacks. Within months, not years, the rapid development of frontier AI models will accelerate cyber risk. It is recommended that organizations treat cyber risk as an enterprise risk, use AI to bolster network defenses, and mitigate potential risk to patient care and safety by preparing in-depth cyber resiliency and extended clinical continuity plans. It is especially important for hospitals and health systems to prioritize cyber resiliency for mission-critical and life-critical services.”
