June 23, 2026

Five Eyes warns businesses their AI agents are open doors for attackers

The tools you’re buying are the threat

The pitch is irresistible. AI-powered procurement, automated customer service, intelligent scheduling. Businesses across New Zealand are plugging agentic AI into their operations at pace, often with little more security due diligence than a vendor demo and a credit card.

Now the Five Eyes intelligence alliance, including New Zealand’s own National Cyber Security Centre, has issued a joint advisory on agentic AI risks that should make every business owner pause. The guidance, co-authored by agencies from the US, UK, Canada, Australia and New Zealand, warns that agentic AI systems can independently plan, decide and execute actions with limited human oversight. One scenario describes a compromised procurement agent using excessive privileges to modify contracts and approve payments without detection.

This is not a theoretical risk paper. It landed the same week the NCSC told RNZ that New Zealand sits at the “wild frontier” of AI superhacking, warning organisations to prepare for “a significant increase in vulnerabilities and incidents” as frontier models improve.

The numbers are already ugly

The NCSC Cyber Threat Report 2025 recorded $26.9 million in direct financial losses from cyber incidents in the 2024/25 year, up from $21.6 million the year before. Of 331 incidents triaged as potentially nationally significant, 137 were linked to criminal or financially motivated actors, more than double the previous year. An NCSC-commissioned survey estimated New Zealanders may be losing as much as $1.6 billion annually once unreported losses are included.

The trend is accelerating. Q1 2026 data shows direct financial losses of $5.6 million, a 76% increase from Q4 2025’s $3.2 million. Three incidents were classified as C2 “highly significant”, the first since 2021/22, meaning they impacted key sensitive data or disrupted essential services in organisations of national significance.

SMEs are bearing the brunt. The NCSC reported that 53% of SMEs experienced cyber incidents between January and June 2025, up from 46% in 2024. The Kordia NZ Business Cyber Security Report 2026 found 17% of impacted businesses lost personally identifiable information and 19% faced financial extortion.

NZ’s spy agency is now fighting AI with AI

The NCSC is not just issuing warnings. It has been granted access to Mythos, a frontier AI model with demonstrated hacking capabilities, through Anthropic’s Project Glasswing initiative. NCSC Deputy Director-General Cyber Security Catriona Robinson told RNZ: “The rise in models like Mythos really changed the cyber threat landscape.” She described the programme as an industry collaboration to test potentially vulnerable products defensively before general release.

The NCSC has also briefed 300 local cybersecurity specialists on frontier AI models. That is not routine outreach. It is a signal that the agency views this as an inflection point.

What the guidance actually demands

The Five Eyes advisory recommends businesses never grant agentic AI broad or unrestricted access, especially to sensitive data. It calls for least-privilege access, defence-in-depth, continuous monitoring, just-in-time credentials, and cryptographic proofs for sensitive operations. Critically, it advises businesses to consider whether simpler automation could achieve the same outcomes with lower risk.
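As an added illustration (not code from the advisory or from this article), the sketch below shows how three of those controls can sit in front of a procurement agent's tool calls: a default-deny allowlist, a short-lived credential scoped to one tool, and a signed human approval bound to the exact payment. The tool names, the 300-second lifetime and the use of HMAC as the "cryptographic proof" are assumptions made for the example.

```python
import hashlib
import hmac
import json

# Constructed allowlist for a hypothetical procurement agent. Tools that are
# absent (for example "modify_contract") are denied by default.
POLICY = {
    "read_contract": {"sensitive": False},
    "draft_purchase_order": {"sensitive": False},
    "approve_payment": {"sensitive": True},
}
TOKEN_TTL_SECONDS = 300  # assumed lifetime of a just-in-time credential
AUDIT_LOG = []           # every decision is recorded for monitoring


def issue_token(tool, now):
    """Mint a short-lived credential scoped to exactly one tool."""
    return {"tool": tool, "expires": now + TOKEN_TTL_SECONDS}


def sign_approval(approver_key, tool, args):
    """HMAC by a human approver over the exact operation and arguments."""
    message = json.dumps([tool, args], sort_keys=True).encode()
    return hmac.new(approver_key, message, hashlib.sha256).hexdigest()


def _check(tool, args, token, now, approver_key, approval):
    rule = POLICY.get(tool)
    if rule is None:
        return "tool not in allowlist"
    if token is None or token["tool"] != tool:
        return "credential not scoped to this tool"
    if now >= token["expires"]:
        return "credential expired"
    if rule["sensitive"]:
        if not (approver_key and approval):
            return "missing approval"
        expected = sign_approval(approver_key, tool, args)
        if not hmac.compare_digest(expected, approval):
            return "approval does not match operation"
    return "ok"


def authorize(tool, args, token, now, approver_key=None, approval=None):
    """Gate one tool call; approver_key is held by the gate, never the agent."""
    reason = _check(tool, args, token, now, approver_key, approval)
    AUDIT_LOG.append({"time": now, "tool": tool, "args": args, "reason": reason})
    return reason == "ok", reason
```

Because the approval covers the arguments as well as the tool name, an agent that changes the amount or payee after sign-off is refused, and the refusal appears in the audit log.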

The NCSC’s own June 2026 advisory is blunter: “New Zealand Government entities do not need access to the most advanced frontier AI models to stay protected. Effective cyber readiness is achieved through implementation of existing cyber security mitigations and practices.”

That is aimed at government, but the principle applies directly to business. Most NZ firms do not need an AI agent with write access to their financial systems. They need patching, multi-factor authentication, and someone checking the logs.

The gap most boards haven’t noticed

Here is the uncomfortable truth. The Five Eyes guidance recommends continuous monitoring, threat modelling, phased rollouts and limited autonomy for agentic AI. These are not capabilities most NZ SMEs possess. Yet those same businesses are being sold AI-powered CRM tools, procurement automation and customer service agents, precisely the category the guidance warns about.

The agencies note that tools and standards tailored to agentic AI security are still developing. Businesses deploying these tools now are operating ahead of the safety net.

The NCSC warns of a “vulnerability storm” for entities carrying legacy systems and weak cyber hygiene. AI is enabling threat actors to exploit technical debt at scale and at pace. The message, stated explicitly in the NCSC’s guidance, is that organisations should assume they will be compromised. The question is not whether you get hit, but whether your board has a plan for what happens next. For most NZ businesses, that conversation has not started.
