NCSC has provided extensive guidance here to UK organisations
Retaining defensive advantage in the age of frontier AI cyber capabilities
https://www.ncsc.gov.uk/blogs/retaining-defensive-advantage-in-the-age-of-frontier-ai-cyber-capabilities
Preparing for a ‘vulnerability patch wave’
https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave
10 questions to ask when using AI models to find vulnerabilities
https://www.ncsc.gov.uk/blogs/10-questions-ask-using-ai-models-find-vulnerabilities
then more generally on AI adoption for cyber defence and more broadly
Supporting AI adoption for UK cyber defence
https://www.ncsc.gov.uk/blogs/supporting-ai-adoption-for-uk-cyber-defence
Thinking carefully before adopting agentic AI
https://www.ncsc.gov.uk/blogs/thinking-carefully-before-adopting-agentic-ai
Careful adoption of agentic AI services with Five Eyes peers
https://www.cyber.gov.au/business-government/secure-design/artificial-intelligence/careful-adoption-of-agentic-ai-services
Software Bill of Materials (SBOM) for Artificial Intelligence - Minimum Elements with G7 partners
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/KI/SBOM-for-AI_minimum-elements.html
Understanding adversarial attacks against Machine Learning and AI
https://www.ncsc.gov.uk/paper/understanding-adversarial-attacks-against-machine-learning-and-ai
I like your summary. Two areas felt understated.
Firstly, the end-to-end software supply chain feels under significant strain. The SBOM for AI framework helps tell people what they have and where it came from. But there is an open-source patching crisis, which looks like an AI-induced throughput problem created by LLMs. Too many vulnerabilities. Too few people with authority and bandwidth to close them. Has the exploitation window effectively gone negative? Perhaps people underestimate the extent of the integration of open-source components into their 'paid for' software products. These hidden risks (dependencies and shared frameworks) may only be exposed when volunteer maintainers announce they have a “capacity problem”. But that's a lack of requisite imagination. We can also see we have been running the software world on the cheap for decades. So the most sensible policy step would be for governments to ensure investment in the bottleneck, the unpaid volunteer community, some of whom are feeling overwhelmed by a flood of AI-generated vulnerability reports.
Secondly, piloting LLM-augmented defensive workflows for alert triage in your SIEM feels like ‘last year's challenge’. If this isn't already in place then ‘ouch!’, get on with it fast. This year, those running a SIEM should be figuring out how to make it an agentic SOC, where agents enrich content, correlate alerts, run investigations and manage cases, turning detections into hunting and immediate actions. If this feels too much, then consider shifting to buying a managed service from someone who can do this for you. I'm in an SMB which has practised 'being cybersmart' for years, yet we currently have requests for quotes from MSPs to upgrade to Falcon Complete (we would now rather pay CrowdStrike to deliver remediation and resolve attacks than assign us homework). We also no longer have enough confidence that our locked-down Google identity management (hardware FIDO2 keys with passkeys, which are irritating and comforting in equal measure) is sufficient.
This is an excellent and informative technical comment and I agree completely. Thank you for adding this.