CMORG guidance on frontier AI and cyber resilience

The Cross Market Operational Resilience Group (CMORG) has published guidance on frontier AI and cyber resilience for financial institutions. The guidance highlights that advanced AI systems are accelerating the speed, scale and sophistication of cyber-attacks, significantly compressing the time between vulnerability discovery and exploitation. This creates an immediate challenge for firms to adapt now to maintain resilience.

CMORG indicates that remediation timelines may need to compress from weeks to days, and in some cases hours, requiring firms to operate with greater urgency, coordination and discipline. Financial institutions are advised to place stronger emphasis on rapid patch deployment, balanced against potential impacts such as service availability. An effective response will also require coordinated action across governance and leadership, operating models, technology architecture, detection and response capabilities, and the management of supply chain and ecosystem risk.

Given the pace of development in frontier AI, this guidance is expected to evolve over time. It is intended to provide a practical and actionable baseline for firms to assess their current capabilities and accelerate their response.

Return to main website.