AI makes cyber security business critical: how accountants should respond
Author: ICAEW Insights
May 5, 2026
As AI evolves with more advanced models and tools, cyber security is shifting from human speed to machine autonomy, with implications for finance professionals.
Key takeaways
• The hype around Claude’s Mythos has highlighted the emerging cyber risks of AI.
• AI-powered attacks can take place faster and more efficiently.
• Equally, exploitations in AI tools can leave large areas of an entity exposed.
• Cyber needs to be treated as a risk which is as existential as cashflow.
The debate around Mythos this month has raised some serious questions about the role of AI in cyber security – both as a solution, and as a threat.
While there was some founded scepticism around Mythos’ abilities to find exploitable vulnerabilities in systems, the UK government is taking the cyber threat that AI poses seriously.
Juan Mathews Rebello Santos, founder of BNVD, a Brazilian national security vulnerability database, says Claude Mythos Preview is “capable of surpassing most humans in identifying and exploiting vulnerabilities.”
Project Glasswing’s “urgent collective action aims to ensure AI's coding advancements serve defensive purposes before offensive capabilities advance further,” Santos explains.
AI is a cyber threat – and a solution
If AI can find and exploit vulnerabilities faster than humans, Santos explains, defenders need the same capability before the attackers can get hold of it. “It changes the traditional timeline of vulnerability discovery and patching quite dramatically.”
Jamie Bykov-Brett, founder of the independent Bykov-Brett consultancy, says that while the capability of Mythos is real, the framing is backwards. “Everyone is focused on what Mythos can find. The actual problem hasn't changed; organisations already can't patch [the vulnerabilities] they know about.”
Mythos is essentially a more powerful microscope for looking at weaknesses in systems, he says, but that doesn’t make it easier for businesses to solve those issues. “The bottleneck was always the immune system, not the diagnosis,” Bykov-Brett continues. “If this initiative doesn't come with investment in remediation infrastructure at the same scale, it's a very expensive way of documenting how exposed we are.”
AI could deliver more systemic exposures in accounting teams
Santos says that Project Glasswing highlights a deeper issue with AI when it comes to cyber security: “We are entering a phase where cybersecurity is no longer constrained by human speed. AI systems can analyse large codebases, identify weaknesses and even assist in building exploits at a pace that compresses what used to take weeks into hours, [creating] a structural imbalance if access is not carefully controlled.”
Previously, cyber threats have been centred around tactics such as phishing. With AI tools, such as Mythos, allowing criminals to find and exploit vulnerabilities at scale, the focus could change dramatically.
Human-led attacks are already being superseded by AI-assisted ones, says Santos. In some cases, attacks are AI-driven. Reconnaissance, exploitation and social engineering is all done more quickly, efficiently and, in the latter case, more effectively.
In particular, the acceleration of the reconnaissance phase could have wide ranging impacts. Large attacks, such as the one on M&S last year would usually involve weeks or months of reconnaissance as the attackers figure out what they’re able to exploit. Now, that is potentially achievable in a matter of hours with the right AI tools, allowing attackers to infiltrate and disrupt multiple organisations in the same time period.
The exploitation of AI tools can also leave businesses exposed
For finance and accountancy, while AI is increasingly being used by criminals, the use of AI tools within organisations, if not adopted with security considerations in mind, also opens vulnerabilities, according to Shwetha Babu Prasad, an independent information security specialist.
“In accounting workflows, where AI is used for document analysis or reporting, even small context leaks can surface client data across sessions or outputs,” Prasad explains. “This shifts risk from traditional breaches to more subtle, systemic exposure.”
The principles of good cyber hygiene still apply
Navigating the risk doesn’t involve anything more than what businesses would be expected to do to protect themselves from cyber attacks. But it does mean more focus on those things. Bykov-Brett says the most valuable thing accountants can do is “reframe cyber security as a business continuity risk, not an IT issue” – something that should be taken seriously by the board.
“Most small business clients understand cash flow risk and insurance but treat a successful AI-enhanced fraud as something that happens to other people. However, accountants are one of the few trusted advisors positioned to have that conversation credibly,” says Bykov-Brett. “The practical advice is simple: any instruction involving money or access changes gets verified through a separate, pre-agreed channel. Always. That was good practice before; AI makes it non-negotiable.”
Patching systems regularly, both internally and across supply chains, being alert to dangers and regular staff training are still important steps when it comes to protecting systems from AI assisted attacks.
Don’t lose scrutiny and scepticism when using AI
Accountants can also take steps to use AI tools more securely. Prasad says firms should use AI solutions with “defined data governance and auditability, avoid inputting client-identifiable or sensitive financial data into public AI models, understand data flow and retention, including whether inputs are stored or used for training, and align AI usage with existing financial controls, compliance and risk frameworks.”
“The goal is not to slow adoption, but to ensure it happens within controlled and auditable boundaries,” says Prasad.
Over-trust of systems is a major risk factor that businesses need to be aware of, says Bykov-Brett. This is particularly true when it comes to AI tools. “People stop scrutinising what AI produces; that creates a new attack surface that didn't exist before: compromise the AI tool or its inputs, and you compromise every decision that flows from it; we're building dependency faster than we're building verification habits.”
[ICAEW Insights]
