The Australian Signals Directorate has spent the past few months publishing updates on how powerful AI is changing cyber security. The latest one carries a message every business owner should sit with: the same AI that can find and fix weaknesses in your systems can just as easily find and exploit them. AI cyber security threats are no longer a future problem. They are being built, tested and shipped right now.
Here is the part that should get your attention. ASD’s advice is not aimed only at banks and government departments. It is aimed at organisations of every size, including yours.
ASD’s update focuses on something called an AI model harness. Skip the jargon and it means this: the clever part is no longer just the AI model itself, it is the system built around it. That surrounding system plans tasks, uses tools, checks its own work, and coordinates several AI agents to complete complicated jobs. One of those jobs is finding software vulnerabilities and writing the code to exploit them.
The headline finding is blunt. A well-built harness running mid-tier AI models can match the results of the most advanced, top-tier models. An attacker does not need access to the world’s best AI to cause real damage. Cheaper, widely available models plus good engineering are enough.
That is why AI cyber security threats have moved from theoretical to practical. Microsoft reported that an internal AI system helped its researchers find enough vulnerabilities to drive its largest-ever Patch Tuesday: 206 fixes in a single month. When the biggest software vendor on earth is finding holes at that rate with AI, the people on the other side are doing the same.
Small and medium businesses in Perth and across Australia have long relied on a quiet advantage: attackers had bigger, richer targets to chase. That advantage is eroding.
AI harnesses lower the cost and skill needed to run an attack. A criminal who once needed a skilled team can now point an automated system at thousands of businesses at once and let it hunt for weaknesses. This helps opportunistic attackers, not just sophisticated ones. You do not have to be a target of interest anymore. You just have to be reachable and unpatched.
ASD is direct about the consequence. The defensive advantage now depends on organisations adopting these tools at least as fast as the attackers do. Standing still is the same as falling behind.
Here is the flip side, and it is genuinely encouraging. If a capable harness running mid-tier models can match top-tier AI, that maths works for defenders too. You do not need a multi-million-dollar AI budget to get strong protection. You need the discipline to use these capabilities properly.
Several of the tools ASD referenced are open source, which means your security provider can adopt and adapt them. Anthropic released an open reference system for automatically finding and fixing code vulnerabilities. A security firm called Hadrian released a similar open project. The building blocks are on the table for any provider willing to pick them up.
This is exactly the kind of work a capable managed cyber security partner should already be planning for. If yours cannot tell you how they are using AI to find problems before attackers do, that is a gap worth raising.
There is a trap in all of this. AI is very good at producing a long list of potential weaknesses. It is far less useful if nobody has the capacity to verify those findings and actually fix them.
ASD makes this point clearly. The advantage comes from pairing AI discovery with the ability to act: triage what is real, patch what matters, and confirm the fix held. A report full of AI-generated findings that sits in an inbox protects nobody.
This is the real work behind cyber security, and it does not disappear because AI got clever. Someone still has to run the tools, read the output with a trained eye, and close the gaps. Regular penetration testing and endpoint detection and response are how that discipline shows up in practice. And the Essential Eight remains the baseline ASD expects Australian organisations to reach, with patching and application control doing much of the heavy lifting against exactly this kind of automated attack.
The old mental model was that cyber attacks were mostly manual, so being a small, unremarkable business kept you off the radar. That model is out of date. When attacks are automated and cheap to run at scale, obscurity stops being protection.
It also changes the questions you should be asking your provider. Not “are we protected”, which invites a comfortable yes, but “how quickly would we know if a new vulnerability appeared in our systems, and how fast could we close it”. Speed is the whole game now. ASD’s own framing, set out across its artificial intelligence guidance, is a race, and the winner is whoever moves first.
Ask your IT or security provider how they are using AI defensively. A straight answer should cover how they find vulnerabilities across your environment, how often, and what happens to the findings. Vague reassurance is a red flag. If you do not have a dedicated provider for this, that is the first gap to close.
Check your patching and remediation speed, not just your tools. The ASD update is clear that finding problems is worthless without the capacity to fix them. Look at how long it takes your business to patch a critical vulnerability today. If the honest answer is weeks, automated attackers have a wide window.
Get an independent view of where you stand. Talk to us for a free security gap analysis. We will show you where an AI-driven attacker would probe first, and what it would take to close those gaps before someone else finds them.
AI cyber security threats are attacks where criminals use artificial intelligence to find and exploit weaknesses in your systems faster and at greater scale than a human team could. ASD’s 2026 guidance warns that these tools are now cheap and widely available, so businesses of any size can be targeted by automated attacks.
Yes. AI cyber security threats lower the cost and skill needed to attack, so criminals can now scan thousands of businesses automatically rather than hand-picking large targets. Being small no longer keeps you off the radar. Reachable and unpatched systems are enough to make you a target.
A harness is the system built around one or more AI models that plans tasks, uses tools, checks results, and coordinates multiple AI agents. ASD found that a well-built harness running mid-tier models can match the most advanced AI, which is why the tools are so accessible to both attackers and defenders.
Adopt the same class of tools defensively and pair them with the capacity to act. That means finding vulnerabilities regularly, patching quickly, and confirming fixes held. Reaching Essential Eight maturity, running penetration testing, and using endpoint detection and response are practical starting points for most Perth businesses.
ASD published a series of updates through 2026 on how frontier AI is reshaping cyber security. The key message is that the defensive advantage now depends on organisations adopting AI-driven tools at least as fast as attackers do, because the same capability that finds and fixes vulnerabilities can also find and exploit them.