07/07/2026 | Press release | Distributed by Public on 07/07/2026 05:48
Recent advances are rapidly expanding the capabilities of frontier AI models across a wide range of domains. While these technologies offer significant opportunities, they also introduce new cybersecurity challenges. The ability of frontier AI models to process vast amounts of information, generate sophisticated code, or automate complex workflows can be leveraged by a growing number of malicious actors to increase the scale, speed, and effectiveness of cyberattacks.
Traditional cybersecurity measures such as vulnerability and patch management show serious limitations in the current evolving cyber threat landscape augmented with frontier AI models capacities. Traditional vulnerability management largely depends on a manageable delay between a vulnerability disclosure and the active exploitation, providing organizations with a time window typically large enough to manage the associated risks through established patch management and remediation processes. Frontier AI models have the potential to decrease this time window drastically. Whilst applying vulnerability patches faster is a genuine and necessary answer, it must be done in a controlled manner and is insufficient as a standalone approach. Indeed, as the time-to-exploit window tends to zero, the assumption that some cyberattacks will succeed must be properly addressed.
The observations of the CSSF of the security measures in place at many financial institutions align with the above statements: in most cases vulnerability scans are not sufficiently frequent and fixes come often too late. Furthermore, the CSSF has noted that a considerable number of supervised entities do not review the safeguards for ensuring the security of networks as frequently as required and lack automated and frequent reviews of secure configuration baselines.
In this context, the CSSF invites supervised entities to carefully review the following publications by the ESRB and the FSB on Artificial Intelligence (AI):
Considering this rapidly evolving cyber risk environment driven by frontier AI models and in line with the ICT risk management requirements set out in the Digital Operational Resilience Act (DORA)1 or other relevant national regulations, the CSSF would like to clarify that it expects all the members of your management body to establish governance structures that support effective management of frontier AI related risk, and in particular to closely monitor this risk and to support, to the best possible, the strengthening of your organization's resilience against AI-enabled threats.
For a better efficient use of scarce cybersecurity resources and budget, we recommend a balance of cybersecurity efforts, not putting all the efforts in high-frequency patching only, but adopt a more holistic approach, covering the traditional cybersecurity functions: identify, protect, detect, respond and recover.
We encourage you to liaise with your peers, industry associations and cybersecurity experts. When defining the content and coverage of your action plan to better face the new wave of AI-augmented cyberattacks, you are invited to consider, notably, the measures and pieces of advice listed below.
***
Reduce the number of internet-exposed systems to minimize the external attack surface and lower exposure to potential cyber threats. For example, edge devices and VPN appliances are among the leading entry points for cyberattacks. In addition, reduce what cannot be defended: end-of-life and unsupported technology should be decommissioned or replaced as soon as possible, prioritising anything on the external surface, since no amount of patching can secure a component that the vendor no longer fixes. To note that an accurate ICT asset inventory is a prerequisite for reducing the attack surface.
Patch management should not be mainly driven by traditional severity scores. A vulnerability rated "critical" on paper is not always the one most likely to be used for active exploitation. In an AI-augmented cyber threat landscape, priority should be based on exposure and exploitability: is the vulnerable system Internet-exposed, is the vulnerability already being exploited in the wild, is it listed among Known Exploited Vulnerabilities, or is there a high probability of real-world exploitation? This approach helps attributing the cybersecurity resources where the risk is highest. The objective is not to patch everything faster, which is unrealistic and may carry operational risks without appropriate control, but to be faster in patching or mitigating first the vulnerabilities that attackers are most likely to weaponise. One caveat is essential: exploitability signals may lag the AI-accelerated discovery tempo, and a freshly AI-discovered zero-day is by definition not yet listed or scored. So, exposure should be weighted as a first-class criterion alongside exploitability, and compensating controls are applied whenever neither a patch nor a reliable score is yet available.
Supply chain attacks targeting software libraries as an initial-access vector is increasing. Locking down the development pipelines to limited trusted access, enforcing a minimum age for package update and removing any plaintext secrets are key measures. To note that the minimum-age rule should include a security-fix fast-path, so the quarantine never delays a validated security patch.
Systems and networks should be designed on the assumption that some cyberattacks will succeed. The objective is therefore not only to prevent intrusion, but to stop a compromised account, server or application from becoming a company-wide incident. This requires engineering the ICT environment so that attackers cannot easily move laterally, escalate privileges, or reuse stolen credentials or tokens across critical systems. Practical measures include network segmentation, zero-trust principle, separation of privileged access through an identity tier model, frequent rotation of credentials and tokens, phishing-resistant multi-factor authentication, strict access controls between environments, and strong monitoring of privileged actions.
Threat hunting should be a proactive practice, focused on detecting abnormal behaviours, hidden persistence traces, suspicious access patterns, and early signs of compromise, at least for the most critical systems.
Operational response procedures should cover a dedicated "no-patch-exists" scenario: when a vulnerability is exploited before a vendor fix is available, the response team should take actions to limit the exposure through temporary containment measures such as disabling vulnerable functions, isolating systems, restricting access, increasing monitoring, rotating credentials, or blocking suspicious traffic. The containment measures should be pre-built, tested and the authority to trigger them should defined. The objective is not to replace patching, but to avoid being paralysed while waiting for a patch.
Defending against AI-enabled attackers with hardened classical controls is necessary but no longer sufficient; the same capabilities must be turned to defence. Three concrete tracks apply: integrate AI-assisted vulnerability discovery into the development pipeline, so flaws are closed before they ship; use AI-assisted triage and threat-hunting in the SOC to keep pace with attacker tempo; and run AI-assisted discovery against the commercial software, reporting findings through coordinated disclosure. A human shall obviously have a review of the identified findings and take ownership of the remediation, to avoid false positives and unfit counter measures.
From penetration testing to scenario-based tests or simulation of sophisticated real-world cyberattacks against live systems, testing is the ultimate way to assess the detection and response capacities and the global cybersecurity posture.