Five Eyes Cyber Agencies Signal a New AI Security Consensus: “We Must Act Now”

On 22 June 2026, the cybersecurity agencies of Australia, Canada, New Zealand, the United Kingdom, and the United States (collectively known as the Five Eyes) issued a call for action titled “The AI Shift in Cyber Risk: Why Leaders Must Act Now.”

AI-enabled cyber threats are significant enough for the Five Eyes governments to appeal directly to leaders of organisations to take immediate action. They recommend leaders embed cybersecurity into core business strategy before AI further accelerates the advantage for attackers. The statement captures the urgency clearly: 

“AI is not a future consideration – it is already here. It lowers barriers for malicious actors and increases the speed and complexity of attacks, shrinking the window between vulnerability discovery and exploitation ever more quickly.” 

In this new threat environment, the first priority is to reduce the number of reachable targets, because organizations cannot assume they will always identify and patch vulnerabilities before attackers find and exploit them. The Five Eyes therefore recommend organizations reduce their attack surface as the most important action.

The Convergence of Government Guidance and Security Research

The Five Eyes agencies recommend five practical actions:

1. Reduce attack surface.
2. Accelerate patching processes.
3. Address legacy systems.
4. Review and strengthen identity and access controls.
5. Prepare for incidents before they happen.

These recommendations closely align with the lessons identified in Antrophic’s Zero Trust for AI Agents framework and in Zscaler’s own research. As noted in our preliminary security research published on Anthropic Mythos and OpenAI GPT 5.5, these systems are becoming increasingly effective at tasks traditionally associated with offensive cyber operations, including reconnaissance, vulnerability discovery, and operational scaling. AI does not just replace human attackers. Rather, it dramatically increases their efficiency. The Five Eyes agencies are addressing this trend from a policy perspective with their guidance mapping to security researcher’s findings. 

The Five Eyes Five Actions Organizations Should Take Now

1. Reduce Attack Surface

“Limit unnecessary system access and external connectivity. Challenge whether systems need to be exposed at all and isolate those that do not.”  

The agencies place attack surface reduction first for a reason. Every exposed application, unmanaged asset, open network path, and implicit trust relationship creates an opportunity for attackers. AI increases the likelihood that these opportunities will be discovered and exploited quickly. The most straightforward risk reduction step is therefore to eliminate internet exposure

Organizations should focus on:

• Eliminating unnecessary internet exposure

• Restricting network connectivity

• Reducing implicit trust

• Implementing application segmentation

• Providing access based on identity rather than network location

Zscaler helps organizations reduce attack surface by eliminating direct exposure of applications and services to the internet, connecting users securely to applications rather than extending network access.

2. Accelerate Patching Processes

“AI is shortening the time between vulnerability discovery and exploitation. Delays in patching increase risk, especially for operational systems with long update cycles. Prioritise security updates accordingly to manage risks.” 

The agencies note that AI is shortening the time between vulnerability discovery and exploitation.

However, most organizations do not suffer from a lack of vulnerability data. They suffer from a lack of prioritization.

Security teams increasingly need to understand which vulnerabilities create meaningful exposure and which do not. Effective remediation requires context around exploitability, asset criticality, and exposure pathways rather than simply counting vulnerabilities.

Organizations that combine exposure management with risk-based prioritization are better positioned to focus resources where they matter most.

Zscaler helps security teams understand which vulnerabilities are genuinely reachable and exploitable, enabling organizations to focus remediation efforts on the risks most likely to impact the business.

3. Address Legacy Systems

“Unsupported systems are easy targets. They are not just technical debt, they are strategic liabilities.” 

Many critical systems were designed for an era that assumed trusted networks and predictable threats. They often lack support for modern authentication, visibility, segmentation, and monitoring capabilities.

While modernization remains the ultimate objective, organizations can reduce risk immediately by isolating legacy environments, restricting access, and limiting unnecessary connectivity. Zscaler enables organizations to apply modern access controls and segmentation around legacy environments, reducing risk while modernization programs are underway. By isolating unsupported systems, restricting access, and preventing lateral movement, organizations can protect critical assets without the cost and disruption of immediate large-scale replacement. This approach also delivers measurable ROI by reducing reliance on legacy firewalls and other appliance-based infrastructure, lowering operational complexity and cost over time. 

4. Review and Strengthen Identity and Access Controls

“Limit who can access critical systems. Enforce strong authentication and regularly review permissions.” 

The Five Eyes crucially lead with “Limit who can gain access to critical systems” in this section. In practice, this means shifting from broad, implicit access to a model where every user, device, AI agent and session is explicitly verified before reaching sensitive resources. Least-privilege access ensures any user or AI agent receives only the minimum level of access required to perform roles. As AI enhances phishing campaigns, credential theft, and social engineering attacks, organizations can no longer rely on network location as proof of trust.

Strong identity controls should include:

• Multi-factor authentication

• Least-privilege access

• Continuous verification

•  Device posture assessment

• Regular permission reviews

The goal is not simply to authenticate once. It is to continuously validate trust throughout every interaction. Zscaler’s identity-centric approach ensures access only to the applications and resources needed, based on continuously evaluated risk and context.

5. Prepare for Incidents Before They Happen

“Test response plans, train and prepare teams, and assume breaches will occur. Focus on fast containment and recovery.” 

The agencies explicitly advise organizations to assume breaches will occur throughout the guidance not just under this action. This reflects a broader shift from prevention-focused security toward resilience-focused security. No organization can prevent every attack. The objective is to limit the impact of successful attacks through containment, visibility, response readiness, and recovery planning.

Organizations that assume compromise are often better positioned to withstand it. Zscaler’s segmentation, visibility, and policy enforcement capabilities help organizations contain incidents, limit lateral movement, and reduce operational impact when breaches occur.

Using AI to Defend Against AI

The Five Eyes agencies emphasize, in a standalone section of the guidance, the importance of using AI to strengthen defense.

This reflects a simple reality: attackers are already benefiting from AI-enabled capabilities. Defenders must do the same. This is an area where Zscaler has been investing heavily. As AI evolves from chat interfaces to autonomous agents capable of accessing enterprise data, invoking tools, and interacting with other agents, organizations need visibility and control over how those systems operate. 

As outlined in our recent blog, How Zscaler Secures the Agentic AI Era with Zero Trust, organizations should apply the same principles that have proven effective for users and workloads. 

Zscaler’s complete Zero Trust platform for Agentic AI helps organizations understand what AI systems can access, govern interactions between AI agents and enterprise resources, protect sensitive data, and reduce the risk of unintended or unauthorized actions. As organizations increasingly use AI to defend against AI, securing AI itself becomes an essential component of cyber resilience.

AI can help organizations:

• Discover vulnerabilities earlier

• Prioritize remediation efforts

• Detect anomalies faster

• Accelerate investigations

• Improve response times

• Reduce analyst workload

Organizations that fail to adopt AI-enabled security capabilities risk creating an asymmetry that favors attackers.

A Policy Signal Worth Paying Attention To

Five Eyes statement reinforces principles that security leaders have been discussing for years: reduce exposure, strengthen identity, limit trust, build resilience, and prepare for compromise. 

The difference is the urgency in which the message is being conveyed and the speed in which leaders of organizations must now act. The message from both policymakers and practitioners is clear. The organizations best positioned to succeed will not necessarily be those that simply patch the fastest. They will be the ones that expose the least, trust the least, and recover the fastest.

Zscaler can help organizations turn this call for action into immediate action by reducing exposure, enabling zero trust, and strengthening resilience.