Frontier AI accelerates cyber risk for financial sector
The South African Reserve Bank's Prudential Authority has issued a communication to financial institutions regarding the material shift in cyber risk due to rapid advances in artificial intelligence. It aims to raise awareness and outline supervisory expectations for preparedness.
AI-accelerated attack speed
Recent advances in frontier AI are fundamentally altering the cyber risk landscape by dramatically increasing the speed and scale of attacks.
This development weakens traditional security approaches that rely on periodic scanning, patching cycles, and manual intervention.
Examples like Anthropic's Claude "Mythos" Preview have demonstrated the ability of advanced models to autonomously discover high-impact software vulnerabilities and generate working exploits.
This materially compresses the time between vulnerability existence and exploitation.
While AI-assisted vulnerability discovery and attack automation are not new, frontier AI capabilities represent a significant acceleration in speed, scale, and autonomy, reinforcing a trajectory where attackers weaponize weaknesses at machine speed across complex technology environments.
Supervisory focus shifts to execution
The Prudential Authority (PA) emphasizes that these developments do not signal an immediate crisis for the South African financial sector but require a measured, forward-looking approach.
The PA's supervisory focus is shifting from mere awareness of AI-accelerated cyber risk to execution, operational resilience, and effective decision-making under compressed timeframes.
Institutions are expected to prioritize cyber risk based on exploitability, continuously validating exposure across all applications, dependencies, and third-party connections.
Detection and response capabilities should operate at machine speed through appropriate automation, supported by strong identity and access controls.
Boards and senior executives are responsible for clear ownership and oversight, ensuring that decision rights for containment and recovery are predefined and that risk appetite is reviewed against compressed attack timelines.