Frontier LLMs have collapsed the bug-to-exploit window from five months to ten hours, and agents have become a brand new attack surface. Here is what Australian regulated businesses need to do this quarter, and how it maps to the Essential Eight, CPS 234 and the Privacy Act reforms.

When an AI system is involved in a security incident, standard incident response procedures are not always adequate. Here is how Australian businesses should approach AI-specific security incidents, from detection through to recovery and reporting.