ENISA warns frontier AI is compressing cyberattack timelines

Frontier AI cybersecurity risks could compress exploitation timelines from months to minutes.

Abstract image of frontier AI cybersecurity, showing machine-speed threats, vulnerability management and defensive cyber operations

The European Union Agency for Cybersecurity has warned that frontier AI models are compressing cyberattack timelines and challenging traditional defence practices.

In a July 2026 paper, ENISA said advanced AI models are reducing the time between vulnerability discovery and exploitation, creating new pressure on vulnerability management, patching and incident response.

The agency said open-weight models may reach similar capabilities within 9 to 12 months, while existing models combined with skilled security experts can already produce comparable results.

ENISA warned that attackers may gain access to exploits before fixes are available, while legacy systems and end-of-life products could become more exposed to AI-assisted vulnerability discovery.

The agency also said more frequent patch releases may increase the risk of service disruption, while open-source maintainers could be overwhelmed by AI-generated vulnerability reports.

Security fundamentals still matter, but ENISA said defenders must apply them faster. It recommended shifting resources from vulnerability discovery towards risk-based prioritisation, rapid triage, remediation and risk reduction.

The paper also calls for defensive AI tools to be integrated into software development, incident response and threat modelling, with human-gated workflows and stronger workforce skills.

At the EU level, ENISA said existing frameworks, including NIS2, the Cyber Resilience Act, and the EU AI Act, should be used to assess and mitigate systemic risks linked to advanced AI models.

For defenders, the agency recommended near-real-time security operations, AI-assisted threat modelling, dynamic incident response pipelines and single-digit-minute detection and response targets.

Why does it matter?

ENISA’s paper frames frontier AI as a structural cybersecurity challenge, not just another tool for attackers or defenders. If vulnerability discovery, exploit development, and lateral movement happen at machine speed, organisations will need faster triage, stronger automation and clearer human oversight. The report also connects AI cybersecurity to the EU’s wider regulatory framework, showing that NIS2, the Cyber Resilience Act and the AI Act will all matter in managing systemic cyber risks from advanced models.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!