Frontier LLMs have collapsed the bug-to-exploit window from five months to ten hours, and agents have become a brand new attack surface. Here is what Australian regulated businesses need to do this quarter, and how it maps to the Essential Eight, CPS 234 and the Privacy Act reforms.

Solo agents are becoming cooperating teams, software is becoming outcomes, and the buyer in regulated industries is being asked a different question. Here is what the shift to agentic AI and vertical AI means for boards, regulators and operators in 2026.