# Five-Eyes joint-statement on AI

> Source: <https://cephalosec.com/blog/five-eyes-joint-statement-on-ai/>
> Published: 2026-07-18 22:11:16+00:00

[Jot](https://cephalosec.com/tag/jot/)

# Five-Eyes joint-statement on AI

The Five Eyes [recently published a joint statement](https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/4523810/five-eyes-cyber-security-agencies-statement/?ref=cephalosec.com) highlighting the urgency of raising our security posture to face AI-assisted cyberattacks. Their recommendations broadly align with my [post-mythos article](https://cephalosec.com/blog/cybersecurity-in-the-post-mythos-era-keep-calm-and-carry-on/) and add more specific recommendations about stepping up incident management processes.

Practical actions

These actions are not new, but are now urgent to reduce not only technical risk, but also operational, financial and reputational exposure:- Reduce your attack surface:Limit unnecessary system access and external connectivity. Challenge whether systems need to be exposed at all and isolate those that do not.

-Accelerate patching processes:AI is shortening the time between vulnerability discovery and exploitation. Delays in patching increase risk, especially for operational systems with long update cycles. Prioritize security updates accordingly to manage risks.

-Address legacy systems:Unsupported systems are easy targets. They are not just technical debt, they are strategic liabilities.

-Review and strengthen identity and access controls:Limit who can access critical systems. Enforce strong authentication and regularly review permissions.

-Prepare for incidents before they happen:Test response plans, train and prepare teams, and assume breaches will occur. Focus on fast containment and recovery.
