1. Home»
  2. Resources »
  3. Five eyes ai

A rare joint call to arms from Five Eyes, the international intelligence alliance, warns that AI models are 'months, not years' away from transforming the threat landscape for businesses and governments.

What does this mean for business leaders in the UK, and what is the appropriate response?

In practical terms, they are warning that:

  • Cyber attacks will happen faster after initial access

  • Vulnerabilities will be identified and exploited more quickly

  • Organisations will have less time to detect and respond

For IT leaders, that creates a more pressing question than the headline itself: Do you actually have enough visibility of your environment to respond at that speed.?

 

 

WHAT THIS REALLY MEANS FOR YOUR ORGANISATION:

The warning can be summarised simply:
 
Attack speed and vulnerability discovery is increasing.
 
If you don’t fully understand your environment, existing gaps and vulnerabilities will be exposed faster than you can react.
 
In practice:
  • Attackers can move faster once they get access
  • Weaknesses are identified and used more quickly
  • The window to detect and respond is shrinking
Importantly, this is not a new security model. It reinforces familiar priorities:
  • Identity and access control
  • Reducing attack surface
  • Understanding your exposure

It is about current weaknesses becoming easier to exploit, at scale and at speed. Which leads to a practical priority:
Before adding more tools, make sure you understand and control what you already have.
 

A QUICK EXPLAINER ON FIVE EYES:

The Five Eyes (FVEY) is an intelligence alliance made up of: The United Kingdom, The United States, Canada, Australia and New Zealand.
When they issue a joint statement, it reflects combined intelligence across multiple regions, Patterns observed across real-world attacks and a forward view of where threats are heading.
Five-Eyes-featured


WHAT IS THE UK GOV'S POSITION?

The NCSC have responded to the warning with their own article, recommended the following principles need to be central for all organisations:

  • Secure-by-design and secure-by-default must become standard practice – not an aspiration.
  • Resilience cannot depend on a single solution or technology. Defence in depth remains essential.
  • As AI systems evolve, new and previously unknown vulnerabilities will emerge, including zero‑day vulnerabilities.
Again, the fundamentals are not changing. The expectation is that organisations apply them more consistently.
 
 

THE CAT AND MOUSE GAME JUST SPED UP...

Cyber security has always been a balance.
  • Attackers probe for gaps
  • Defenders close them
  • Technology evolves on both sides
AI changes the pace of that cycle. Attackers can now:
  • Automate parts of the attack chain
  • Identify vulnerabilities faster
  • Scale activity more easily
At the same time, Microsoft and other vendors are responding with more advanced security, automation and governance capabilities, often within higher-tier licensing and newer AI-driven tools. For IT leaders, this creates a different challenge. Not just “are we protected?” but:
 
  • Are we using what we already own?
  • Are those controls configured properly?
  • Do we actually understand our biggest risks?
Because capability without clarity does not reduce risk.
 
 

WHERE EXPOSURE LIVES:

The issue is rarely a complete lack of security. It is incomplete visibility. Many organisations cannot clearly answer:
  • Who has access to sensitive data
  • Where permissions have changed over time
  • Which third-party or AI tools are connected to Microsoft 365
  • Whether inactive or over-privileged accounts still exist
  • What data tools like Copilot could surface
That uncertainty is manageable when threats move slowly. It becomes far more serious when they do not.
 
 

SHADOW AI ADDS ANOTHER LAYER OF COMPLEXITY:

Generative AI is following a familiar pattern. Employees experiment, teams find productivity gains, usage spreads quickly

But governance does not always keep up. This creates what is now called Shadow AI. Not malicious. Just unmanaged. Typical unknowns include:


  • Which tools are in use across the business
  • What data is being shared externally
  • Whether AI tools are connected into Microsoft 365
  • If existing permissions align with AI access
The Five Eyes warning increases the importance of this. Because unmanaged access and unclear data exposure are exactly what faster attacks exploit.
 
 
 

SO... WHAT CAN WE DO ABOUT ALL THIS?

 

1. Understand your current environment

A structured tenant assessment should look at:
  • Inconsistent Multi-Factor Authentication (MFA)
  • Privileged accounts that have not been reviewed
  • Third-party apps with excessive access
  • Identity and access risks and reduce your attack surface
  • Legacy systems, anything unsupported is an easy target
  • Readiness for AI tools like Copilot

2. Review what you already own

Many organisations already have security capabilities within Microsoft 365 that are underused or misconfigured. A licensing and capability review answers:
  • Which features are available today
  • Whether they are being used effectively
  • Review whether or not a frontier package like Microsoft E7 could be the logical next step for your business
This avoids unnecessary investment while improving protection.
 

3. If you need help, don't wait. Bring in specialist security expertise

Keeping across everything can be challenging. It is better to seek assistance than to attempt to manage it in-house if you don't have a clear grasp. Additional expertise can help to:
  • Interpret risk across the environment
  • Prioritise the most important actions
  • Support ongoing governance, not just one-off fixes
This strengthens decision-making rather than replacing internal ownership.
 

 

CYBER SECURITY REMAINS A LEADERSHIP CHALLENGE

Ownership at board level is key. Senior leaders must ask:
  • Where are we exposed?
  • Do we understand access and permissions?
  • How is AI being used across the business?
  • Are we confident in our current controls?

 

DON'T PANIC!

The Five Eyes warning is not a signal to panic. It is a reminder. AI is not changing the fundamentals of security. It is making them more urgent. The organisations that respond best will be those that know their environment and can act quickly when something changes.
 
 

UNSURE WHAT TO DO NOW?

If you’re concerned about how quickly the threat landscape is evolving, but aren’t sure how exposed your organisation is, it’s worth starting with a simple conversation.
 
We can help you sense‑check your current environment, understand where the real risks sit, and outline practical next steps based on your setup. No commitment. Just clarity on where you stand and what to do next.
 

YOU MAY ALSO BE INTERESTED IN:

 

Five Eyes issue rare warning about AI cyber risks. What does it mean?
A rare joint call to arms from Five Eyes, the international intelligence alliance, warns that AI..
View Post
Are you investing in AI for the right reasons, or reacting to pressure?
AI can deliver real value. But it is not automatically worth it. If it is not tied to a clear..
View Post
Your IT environment knows where the problems are. Do you?
Your systems are running. Your team is getting things done. Nothing is obviously broken. So why..
View Post

View all

close
close
search