Five Eyes cyber agencies have warned that artificial intelligence is rapidly changing cyber risk, urging organisations to treat security resilience as a board-level priority.

The UK National Cyber Security Centre published the joint statement with partner agencies from the United States, Canada, Australia and New Zealand. The statement says the pace of frontier AI development means cyber risk assumptions can become outdated in months rather than years.

The agencies say AI can help defenders detect vulnerabilities, improve software quality and respond faster to incidents. But they also warn that adversaries are already using AI to move more quickly and effectively.

The central message is practical rather than speculative: organisations should strengthen basic security, reduce unnecessary exposure, modernise legacy systems and integrate cyber security into core business strategy.

The public statement does not confirm specific classified incidents or announce new legal requirements. Claims about particular AI models, government restrictions or imminent model capabilities should be verified separately before being linked to the Five Eyes statement.

For companies, the warning is still significant. It signals that major intelligence partners now see AI-enabled cyber risk as a live operational problem, not a distant policy debate.