Artificial intelligence is increasingly being presented as both one of the greatest cybersecurity threats and one of the few technologies capable of defending against it.
That tension sits at the heart of plans unveiled by the UK’s intelligence agency GCHQ, which has confirmed ambitions to develop a national cyber defence capability powered by AI agents and designed to protect critical infrastructure at what officials describe as “machine speed”.
The proposed system, referred to as a national cyber shield, would embed agentic AI into the country’s defensive cyber operations, helping identify vulnerabilities, detect attacks and potentially repair compromised systems in real time. According to GCHQ Director Anne Keast-Butler, the capability could become operational within five years.
The initiative forms part of broader efforts to strengthen the resilience of critical national infrastructure as cyber threats become more sophisticated, more automated and increasingly linked to geopolitical tensions. Energy networks, water systems, healthcare organisations, transport infrastructure and financial services are expected to be among the sectors that could benefit from the programme.
The announcement highlights a growing reality confronting governments worldwide: as cyber attacks become faster and more complex, traditional human-led responses may no longer be sufficient.
The rise of machine speed conflict
For much of the history of cybersecurity, defenders have relied on human analysts to investigate incidents, identify threats and coordinate responses.
Artificial intelligence is beginning to challenge that model.
According to Keast-Butler, frontier AI systems are already capable of uncovering large numbers of previously unknown software vulnerabilities. While this offers significant opportunities for defenders, it also raises concerns that malicious actors could use similar capabilities to identify weaknesses and launch attacks at unprecedented scale.
The result is an emerging cyber environment in which both attack and defence increasingly operate at machine speed.
That shift is one reason why governments are exploring agentic AI systems capable of acting autonomously in response to threats. Rather than waiting for human intervention, future systems could identify vulnerabilities, isolate compromised assets and implement corrective actions within seconds.
The UK’s proposed cyber shield reflects the growing belief that defensive capabilities must evolve at the same pace as offensive ones.
AI changes the resilience equation
The initiative arrives as concerns continue to grow about the resilience of critical infrastructure.
GCHQ has cited escalating state-backed and hybrid threats, particularly from Russia, including activity targeting undersea cables, supply chains and democratic institutions. The programme is also being developed in the wake of major disruptions affecting UK organisations and infrastructure.
Andy Ward, Senior Vice President International at Absolute Security, believes the speed of modern cyber threats is forcing organisations to rethink their approach to resilience.
“AI in cybersecurity offers huge potential to improve detection and speed up response times,” he said. “However, AI is also causing cyber threats to become smarter and faster.”
Ward argued that the challenge extends beyond detection and prevention.
“Attacks now move at AI speed, disruption moves at AI speed, and complexity grows at AI speed, so if your resilience does not move at AI speeds, you have already lost,” he said.
According to research cited by Absolute Security, 42 per cent of UK organisations still lack a formal cyber resilience strategy.
The findings suggest that while AI may strengthen defensive capabilities, many organisations continue to face challenges in establishing the operational foundations needed to respond effectively when incidents occur.
Sovereignty becomes a security issue
The proposed cyber shield also reflects a wider debate about technological sovereignty.
The Cabinet Office has indicated that protecting national infrastructure may require a move away from relying solely on off-the-shelf cybersecurity products towards AI-enabled sovereign defensive capabilities developed through collaboration between government, industry and academia.
Officials are also looking beyond today’s threats. Concerns surrounding the future impact of quantum computing have prompted work on next-generation cryptography and quantum-resistant encryption, with GCHQ already collaborating with industry and academic partners in preparation for future risks.
The combination of AI-driven cyber defence and quantum-resistant security highlights how rapidly the cybersecurity landscape is evolving.
For policymakers, the challenge is no longer simply protecting systems from today’s attacks. It is preparing for a future in which AI can both discover vulnerabilities and defend against them, where cyber operations unfold in seconds rather than hours, and where the resilience of national infrastructure increasingly depends on the intelligent systems tasked with protecting it.
The UK’s proposed cyber shield suggests that future cyber security may be defined not by whether artificial intelligence is involved, but by whose AI acts first.
