IT Brief UK - Technology news for CIOs & IT decision-makers
United Kingdom
Flux result 971dadc2 dd8b 4c6e 8468 c707f3c7e678
#
Digital Transformation
#
IoT Security
#
Advanced Persistent Threat Protection

IBM unveils AI cyber defences against autonomous attacks

Thu, 16th Apr 2026
Author image
By Catherine Knowles, News Editor

IBM has launched new cybersecurity measures aimed at countering attacks that use advanced AI models. The offering combines a new assessment service with an autonomous security service.

The move reflects growing concern across the industry that newer AI systems can help attackers identify weaknesses, shorten intrusion preparation time and automate parts of the attack cycle. Traditional security operations that rely on fragmented tools and manual processes are struggling to keep pace with threats that move at machine speed, IBM said.

Assessment Service

One part of the announcement is a cybersecurity assessment from IBM Consulting focused on risks linked to frontier AI models. The service is intended to help large organisations assess how prepared they are for threats from more autonomous forms of attack.

According to IBM, the assessment is designed for complex IT estates, where gaps can be hard to map and attackers may be able to turn isolated weaknesses into broader attack paths. The work will be delivered with technology partners across customer environments.

The assessment is designed to identify security gaps, policy weaknesses, AI-specific exposures and possible exploit paths. It also provides mitigation guidance, including temporary safeguards where no immediate software fix is available.

IBM said the service also highlights areas where greater automation and changes to security architecture could improve detection and response. That positions the assessment not only as a diagnostic tool, but also as a way to identify operational changes for security teams.

Autonomous Security

The second part of the launch is IBM Autonomous Security, described by the company as a multi-agent service for decision-making, response and intelligence. It uses AI agents to automate work across a customer's security environment.

The service is intended to work across an organisation's existing security stack rather than as a standalone product tied to one vendor. In practice, that means digital workers are meant to operate across different tools and systems so security teams can respond in a more co-ordinated way.

The service analyses software exposures and runtime environments to trace possible exploit paths, improve security hygiene, enforce policies, detect anomalies and contain threats with limited human involvement. It also feeds information into governance and risk systems, which IBM said can help keep compliance and security status more current.

That focus on linking security operations with identity, governance and risk functions signals a broader push to move remediation closer to real-time action. IBM said the service is designed to extend across IT systems, operational technology and business processes, reflecting the wider spread of cyber risk across large organisations.

Rising Pressure

The launch comes as businesses and public sector bodies face pressure to strengthen cyber defences against increasingly automated attacks. Security groups have warned that generative and agent-based AI tools can lower the expertise needed to carry out sophisticated campaigns while also reducing the time and cost required to execute them.

For large enterprises, the challenge is often magnified by sprawling infrastructure, ageing systems and disconnected security products. Those conditions can make it harder to maintain a clear view of risk and slow co-ordinated responses when incidents emerge.

IBM's latest measures are aimed at that problem. The assessment service seeks to identify weaknesses, while the autonomous security service is intended to reduce the delay between detection and remediation.

The announcement also underlines how major technology and consulting groups are reshaping cybersecurity offerings around AI, both as a source of risk and as a tool for defence. As more security suppliers introduce AI-based automation, a key point of competition is likely to be whether their systems can work across mixed customer environments rather than force companies onto a single platform.

IBM has a broad customer base across regulated and critical sectors including finance, telecommunications and healthcare, where the consequences of faster, more adaptive attacks can be severe. Organisations in those sectors have been under sustained pressure to improve resilience, particularly as cyber incidents increasingly carry operational as well as financial consequences.

Mark Hughes, global managing partner of cybersecurity services at IBM Consulting, said the new threat environment requires a change in defensive posture.

"Frontier models are creating a new category of enterprise threat that is fast moving, systemic and increasingly autonomous," he said. "Meeting that threat requires a systemic defense. AI powered offense demands AI powered defense. That's what IBM is delivering."

Related stories
Protegrity launches AI Team Edition for secure inferencing
CERN joins OpenSearch foundation as associate member
OpenAI launches Trusted Access for Cyber with major names
Canva launches AI 2.0 to turn prompts into editable designs
Anthropic launches Claude Opus 4.7 with stronger coding

Top stories

TestRail launches AI test script generation in beta
FIRST conference highlights AI & CVE disclosure push
OpenAI expands Codex with desktop & workflow tools
OpenAI launches GPT-Rosalind for life sciences research
Mirantis integrates NVIDIA Run:ai to speed AI deployment