Ministers have ramped up pressure on UK businesses to strengthen their cyber defences amid concerns that the next generation of AI could supercharge hacking threats. In a new push led by cyber minister Baroness Lloyd of Effra, nearly 200 business leaders were told to sign a new “cyber resilience pledge”, as fears mount that powerful AI tools could expose them at unprecedented speed. Her intervention follows the release of Anthropic’s closely watched Mythos model, which triggered alarm across governments, banks and regulators alike.

Early testing suggested it can identify and exploit software weaknesses far faster than a human could. Bank of England governor Andrew Bailey warned last week that the technology could “crack the whole cyber risk world open”, whilst Baroness Lloyd pointed out: “AI is giving attackers capabilities that would have seemed extraordinary just a year ago and no organisation can afford to be complacent”. Boardrooms on alert as risk escalates The government-backed pledge will require firms to treat cybersecurity as a board-level responsibility, adopt baseline protections like Cyber Essentials, and sign up to the National Cyber Security Centre’s early warning systems.

Ministers worry that many firms are unprepared, with only one per cent of UK businesses currently holding Cyber Essentials certification, despite repeated warnings on cyber risk. Meanwhile, testing by the UK’s Security Insititute found Anthropic’s Mythos model represents a significant leap forward, capable of carrying out multi-step cyber attacks and autonomously exploiting weak systems in controlled environments. According to the institute, these capabilities could soon be widely accessible – raising the risk of more frequent, faster and more sophisticated attacks on businesses.

Security minister Dan Jarvis is expected to warn this week that cybercrime should be treated with the same seriousness as physical attacks. “If this damage had been caused by an old-school physical attack, it would have been the equivalent of hundreds of masked criminals… smashing up computers and driving cars right off the forecourt”, he is set to say. The risks seem to already be materialising, with more than half of UK firms having been hit by state-backed cyber attacks last year, while nearly half say they have already experienced AI-powered attacks.

The National Cyber Security Centre has also warned of a growing “severe cyber threat”, where attacks could lead to prolonged outages, and major financial losses. Despite this, many companies lack the expertise or budget to deploy advanced defences, leaving a widening gap between the speed of attackers and the resilience of businesses. Ministers are now urging firms to act before the threat escalates further, warning that preparation cannot be improvised once a major incident hits.

“Cyber-resilience isn’t just a technical issue; it’s a board responsibility,” Lloyd said. “We’re asking every boardroom in Britain to prove they treat it as one.”