UK Warns: Frontier AI Cyber Risks Threaten Finance

UK financial services firms must manage cybersecurity risks from frontier AI. The UK government, Financial Conduct Authority, and Bank of England issued a joint statement about this on May 15. They warned that the cyber capabilities of current frontier AI models already exceed what a skilled person can achieve, at a higher speed, greater scale, and lower cost. If used maliciously, these capabilities amplify cyber threats to firms, customers, market integrity, and financial stability. Firms need effective protective, detective, threat containment, and cyber-response capabilities. This includes strong governance, vulnerability management, and managing third-party risks, especially from open-source software. They also need to protect unsupported systems and consider cyber insurance. The authorities recommend access management, network security, data protection, and using automated and AI-enabled defenses. Firms must also be able to respond to and recover from disruptions quickly. The government and UK financial authorities will continue to monitor frontier AI developments and engage with the industry. This matters because these advanced AI models could increase cyber risks, making firms more exposed if they don't invest in cybersecurity.