Artificial general intelligence will deliver highly autonomous systems that will reshape cybersecurity and our threat landscape.Countering cyber threats will involve responding to campaigns of malicious attacks using the same tools; however, success depends on whether attackers or defenders adopt the tools more quickly.For secure AI adoption, all stakeholders in the AI ecosystem, including governments, industry, academia and experts, will need to take intentional, proactive and coordinated action.<\/p>\n
Artificial general intelligence (AGI) refers to highly autonomous artificial intelligence<\/a> (AI) systems that can perform most cognitive tasks as well as humans. Unlike today\u2019s AI, often built for task-specific purposes such as chatbots or image recognition, AGI would be able to demonstrate intellectual reasoning, learning, and adaptability across multiple domains. <\/p>\n And unlike current AI tools, which respond only when prompted, we expect AGI systems to initiate actions, pursue goals and sustain operations without direct supervision (although not to be confused with artificial superintelligence, which is yet to come, where machines could accomplish any cognitive work far beyond the human level).<\/p>\n However, AGI remains more of a moving target than a settled definition, with academics and industry offering different interpretations. What is clear is that if it emerges, it will reshape cybersecurity and our threat landscape.<\/p>\n An uneven contest<\/p>\n There is growing concern about how this technology intersects with cybersecurity. In the digital realm, attackers enjoy an inherent advantage: they only need to succeed once, whereas defenders must continuously defend every potential weakness. Advanced AI models<\/a> have already amplified<\/a> this asymmetry. AGI will magnify these asymmetries further unless policy-makers, industry and researchers act decisively. <\/p>\n If today\u2019s frontier AI<\/a> already challenges defenders, AGI raises the stakes further. Security operations will need to counter campaigns, not just discrete incidents. <\/p>\n \u201c<\/p>\n Adversaries are moving faster and experimenting freely with new tools, while defenders are often slowed by bureaucracy, legacy processes and risk aversion.<\/p>\n \u201d<\/p>\n In the past, organizations worried about single incidents \u2013 a phishing email or a piece of malicious code. AGI could potentially allow attackers<\/a> to run campaigns driven not by a human attacker behind the keyboard, but by machine intelligence that learns and adjusts in real-time.<\/p>\n Imagine a data breach timed to coincide with a disinformation campaign and a disruption to supply chains. This can cause a coordinated pressure on leaders and infrastructure across the cyber, physical and information domains. Responding would require a much more integrated view of the threats, intelligence and remedies across these domains. <\/p>\n Equally worrying is how AGI shortens the stages of an attack. Cyber operations that once unfolded over weeks could be completed in hours<\/a>. AGI systems could chain together different stages of an attack (e.g. reconnaissance, vulnerability discovery and exploit development) and run thousands of cheap attempts until something returns positive.<\/p>\n A double-edged sword<\/p>\n Yet, AGI is not destined to be an attacker\u2019s tool alone. Studies show<\/a> that AI systems are often better at defensive tasks, such as patching, than at exploit development. Used well, AGI can be a potent force multiplier. It can relieve overworked security teams of routine triage and remediation. <\/p>\n Months-long patching cycles might be cut to days, narrowing the window of opportunity for adversaries. AGI can also shift cybersecurity from reactive firefighting to proactive resilience. Systems can be made more resilient<\/a> by continuously scanning for misconfigurations, simulating fixes and flagging the most critical exposures before they are exploited. <\/p>\n By taking over routine tasks and providing support in decision-making, AGI can give human analysts more space to focus on complex investigations and strategic challenges.<\/p>\n However, the real challenge is not whether AGI can serve defensive capabilities better but how quickly defenders can adopt it compared to attackers. Adversaries are moving faster and experimenting freely with new tools, while defenders are often slowed by bureaucracy, legacy processes and risk aversion. <\/p>\n This pace differential is exacerbating the offence-defence asymmetry. To shift the balance, defenders must accelerate the use of AI, embedding it into practice or face ceding the initiative to attackers.<\/p>\n The wider international context<\/p>\n Already, AI is central <\/a>to critical infrastructure, economic systems and national security. It has become a means and a goal of national and international advancement, and the global AI landscape is poised to reshape economic markets and security paradigms. <\/p>\n Yet, small and developing countries without access to AI are already missing out on the boost in efficiency, innovation and economic growth that AI brings. The entrance of AGI will likely exacerbate this gap, causing them to risk being left behind.<\/p>\n It is thus imperative that we continue to close all digital divides and advance an equitable digital environment for all, as outlined in the United Nations Global Digital Compact.<\/p>\n A call to action<\/p>\n As AGI becomes embedded in our digital infrastructure, it will not only shape the threat landscape but also become<\/a> a direct target within it.<\/p>\n Opportunities to compromise AI systems will continue to grow; stakeholders should, therefore, consider opportunities for securing the AI tech stack<\/a> (data, model, infrastructure, applications and governance) and taking a life cycle<\/a> approach to securing AI systems<\/a> now, before we realize the full development of AGI and for using AI in our common digital infrastructure. <\/p>\n To ensure the secure adoption and use of AI, all stakeholders in the AI ecosystem, including governments, industry, academia and experts, will need to take<\/a> intentional, proactive and coordinated action today. <\/p>\n First, having a good<\/a> understanding of the technical aspects of AGI is no longer optional for policy-makers and cybersecurity professionals but a necessity<\/a>. Policy-makers need to understand the technical intricacies of AI and AGI so as to develop frameworks and approaches that balance innovation with safe and secure adoption. <\/p>\n For small and developing countries, capacity-building could be one avenue to address this skills gap.<\/p>\n \u201c<\/p>\n The task before us is clear and urgent: to elevate AI security as a shared global priority, to embed it in governance and design and to act together, decisively and early, so that AGI strengthens our digital resilience instead of undermining it.<\/p>\n \u201d<\/p>\n Next, there needs to be a concerted effort<\/a> to raise the security baseline for AI. The autonomy and adaptability of AGI will demand new security paradigms and approaches. Clearer guidelines, harmonized standards and practical tools can help organizations make informed choices as they adopt frontier AI. <\/p>\n For example, the Cyber Security Agency of Singapore has developed guidelines<\/a> and a companion guide<\/a> on securing AI systems throughout their lifecycle. As AI systems become increasingly interconnected, security standards will emerge as the common language enabling safe and seamless interoperability. <\/p>\n Ultimately, international <\/a>and industry cooperation<\/a> will be crucial in mitigating the security risks associated with AGI. Given the transboundary nature of cyber, we are only as strong as our weakest link. <\/p>\n The international community must work together towards an open, secure, stable, accessible, peaceful and interoperable cyberspace even as we embrace new and emerging technologies. <\/p>\n International platforms, such as The World Economic Forum, are key to bringing attention to such issues, brainstorming solutions and encouraging international cooperation.<\/p>\n The road ahead<\/p>\n