In Focus: Frontier AI

Welcome to another episode of J.P. Morgan's In Focus Global Research Podcast. Our guests today are Jahangir Aziz and Stephen Palacio, who are part of the Industry and Policy Thematics Group in Global Research.

My name is Sam Mazzarello, and I lead Content Strategy, and I'll be moderating today's discussion. We're going to explore Frontier AI's role in the cybersecurity landscape. We'll cover the relationship between Frontier AI models and cyber, patchability in the cyber ecosystem, global supply constraints, and what fighting AI with AI means in today's world.

Jahangir and Steve, thanks for joining us. Your latest note on Frontier AI does a great job of explaining the topic and showing the spectrum of cybersecurity risks organizations face. Set the stage for our listeners here.

What's going on? What should people be focused on as AI changes the cybersecurity landscape? Thanks, Sam.

Thanks for having us. So obviously, cybersecurity is nothing new. It has been around probably since the time of the internet or even before that.

And if you just look at cybersecurity as it stands, you know, globally, you're spending almost about $140 billion in 2025. And the trajectory is that it was going to move almost double to about $270 billion by 2030. And even with that, almost 63, 64% of companies actually in service reported that they have inadequate cybersecurity.

So this is a big deal. And but we know that, and that this is not anything different. I think what is changing is the role of frontier agentic AI and how that impacts the landscape of cybersecurity.

And that's what this note or this report is about. So if you go back to what cybersecurity was before frontier AI, it's sort of whether in movies or elsewhere, there are a bunch of people sitting in a basement and they're essentially going and trying to hack through running programs. And obviously, they took advantage of AI.

But AI was a tool up until now. And these bunch of people could either be bad actors by themselves or, you know, supported by governments. We don't know.

The issue becomes with the agentic AI or the frontier AI. And if you just look at what Anthropics Mythos put out in their website, in their public statement, they essentially said that this new version of AI, let's call it frontier AI, can independently on its own, find out these weaknesses in different operating systems, in different technologies, different systems. And then actually, if it is allowed to do that, it can actually plan cyber attacks on its own.

So, it's no longer the case that you are limited by how many things a person can do or a group of people can do. You can essentially let the system go on its own. And in their own test, they found, quote unquote, tens of thousands of vulnerability in systems across the world.

So, that's what has changed or that's what we fear will change. So, let's not get too alarmist about it. Just because the frontier AI can do something, that doesn't mean this will be done.

But the threat is always there. And I think cybersecurity will respond to the threat, even if that threat is materialized or, you know, actually implemented, even at a much lower scale than 10,000s of vulnerabilities. I definitely agree with this.

And I think a key thing that changed with the Advanto Frontier AI is that it changes the asymmetry between attackers and defenders. It becomes much more scalable, much more rapid, whereas you needed a lot of human effort before to proceed with cyber attacks. Now you can deploy in a very rapid and executionable manner with a lot of scale, whereas defenders are left with a lot of tasks to monitor, validate, and patch in a decreased fashion.

So, this creates a massive asymmetry that they will have to deal with going forward. So, I think that that is an important force that is introduced by frontier model suit. So, it sounds like overall, this emerging technology, it complicates the story dramatically.

Yes. So, AI and frontier AI and more versions of AI will lead to significant productivity gains across the world. We've already seen that happen, even with the AI models that we have right now.

There are obviously questions of whether or not that productivity gain is already there or is it something that's forthcoming, but let's not go down that direction. The issue is that with these promised gains comes this threat. And I think it's the balance between the two of them that we will have to tread as we start implementing and using our frontier AI models and their different more advanced versions.

Jahangir, Steve, it would be great if you can walk through listeners the difference between IT and OT assets. I don't know if these are terms that everyone is fully aware of. Steve, do you want to take that?

Yes, certainly. I mean, IT basically stands for information technology. So, it's basically used for its handling data.

So, basically, we're processing information. So, think about computers, servers, networks, databases. So, the most common example, of course, nowadays, are data centers.

But also think about devices, enterprise software, and so on and so forth, right? On the other hand, OT, operational technology, basically handles physical processes. So, think about hardware and software that monitors and controls machines, motors, sensors, industrial equipment.

So, this is basically the operational technology that controls and monitors factory floors, power grids, air transportation, and so on and so forth. So, the nature is basically different, monitoring and controlling physical processes versus processing and moving information. So, that would be the key characteristics of them both.

I appreciated all the details. It does sound like you described everything, like this touches everything. Is that fair?

Yes, but I think that if you look at the sectors that are affected by IT, these sectors would be, you know, banking, telecom, and things like that, payment systems, et cetera. OT would be New York subway, nuclear power plants, the power grid. And I think that's the distinction between IT and OT in terms of where is that threat and how should we respond to that threat.

So then, a good corollary question, we're going to bring up the idea of patchability and problems that exist there. For listeners who may not be as familiar, a patchable system is the one that allows software-slash-firmware updates to address vulnerabilities without the need to replace the underlying hardware. So, I guess when we think about OT assets and their low patchability, how does this change the risk conversation?

Let me start off and let, you know, Steve jump in. If you think about information technology the way Steve described it, most of that technology or the system essentially sits in cloud servers, which are connected to these data centers. So, if there is a vulnerability that we find, then, you know, some cybersecurity firm or firm internally can build a software patch and essentially use server to fix that problem.

Every Monday morning in J.B. Morgan, when we start on our computers or servers, there is almost a three, four minutes where new patches are put in, right? So, this happens on a regular basis and almost every concern or every firm or every system that is linked to it.

In the case of operation technology, these are not connected to cloud servers, mostly. They are not connected, therefore, to data centers. So, the first thing is that even if you do have a patch, how do you actually get the software in the operating system?

How do you get that done? You usually will have to do it by factory by factory, industry by industry. You have to do it by, you know, sub-systems by sub-systems.

And the issue becomes, and this is where the patchability, non-patchability problem arises is that many of these industrial systems, many of these public transportation systems are so old that most of them do not have either the efficiency of the chips on which they are operating or the memory that you require in order to implement these patches. Voyager 1, which is now almost, you know, at the edge of the solar system, essentially runs on a 76 kilobytes of memory. So, in the past, people were very, very careful about how efficiently they would code it because they never had that luxury that we have today of inexpensive memory.

As memory has become cheaper and cheaper and cheaper, we have sort of lost this efficiency that you need to put into the codes, the patches, etc. So, modern patches, modern codes require massive amounts of memory. And, unfortunately, most of our industrial systems, most of our public utility systems are so far behind in terms of, you know, both the efficiency of the chips as well as the memory that they simply cannot handle these patches because they are very, very chip-intensive.

They are very, very memory-intensive. Yeah, I mean, I think that basically sums it up. I would just add to what Yanger said a couple of points.

He touched upon the fact that IT is constantly upgraded. And I would just say that in contrast, the fact that OT is not constantly upgraded also relates to the fact that for you to upgrade OT, normally you have to disrupt operations. Say, you have to halt completely the production line in order to do the upgrade.

You have to shut down the electricity grid. You have to disrupt air transportation. So, there's downtime cost to upgrading OT systems.

So, that is why they're less recurrently upgraded and they can go on without being replaced 10, 15 years. And what this creates is, as Jahangir was saying, legacy issues. For example, they reach their end-of-life cycle.

Think about it this way. For example, they become so old that they're operating on Windows 7. So, the vendor no longer issues patches.

So, they become effectively unpatchable or non-patchable. So, that is sort of the two lanes on which these two technologies operate. So, they become much less patchable.

But also, they're more critical. So, it's like even worse. They're less patchable and more critical.

So, it's a double-whammy to some extent. Just to give you some numbers for the listeners. So, just in the U.S. alone, the total amount of these electronics slash assets that exist in the IT sector or within IT systems is about two and a half trillion.

The total amount of equivalent memory chips, electronic system assets that exist in OT or the operating technology sector is just one trillion. So, it's significantly different. The rub is that only about 20% of the IT systems is non-patchable and 50% of the OT systems is non-patchable.

So, even though there's a huge difference between the usage of these technologies in IT versus OT, the cost of replacing them or the damage is about the same, 500 odd billion dollars each. But that's not the only problem. The only problem is that that 500 billion dollars is based on the cost as it was actually put in place 20 years ago, whatever the cost was.

If we now want to upgrade that to the current system, that's when things become really hairy. Steve, do you want to go through some numbers of what will be the cost? As you're watching, not only you've got the 500 odd billion on both OT and IT, but once you implement what we refer broadly as the deployment costs, think about this as basically setting in place the whole systems, it is to some extent more expensive to put them in place in the OT space.

You're talking about roughly 1.7, 1.8 times the actual cost, whereas in IT, it's roughly 1.5. So you're talking close to 800 billion in the OT space, whereas in the IT space, you fall closer to several hundred billion. So again, the asymmetry goes against OT.

The total demand is about 1.5 trillion, and that's just in the US. And this is over and above what IT is spending right now on data centers. So I know we planned these questions ahead of time.

I'm going off path now based on what I'm hearing from you. These sound like significant risks. In your opinion, are they being underappreciated by the market?

We have been spending last one year at least worrying about data centers, how much investments are going into data centers, what it's doing to prices of memory, price of advanced chips. And that's what has preoccupied the market right now. So even if you look at the markets, what we are finding out is that that's not all that we need to worry about.

As these advanced AI models get implemented, now Anthropic still hasn't released it to the public, but it's not a question of just Anthropic releasing it. It is that the other big LLMs are not going to be too far behind. And some versions of this will be released.

Use cards say that I'm not going to release something that is actually going to improve our efficiency and improve productivity because there is a threat that possibly it might be used for bad things. Most technologies can be used for bad things and are used for bad things. So this leads us to what the market will have to now add on to their worries about data centers, which is the cybersecurity costs.

Now, currently, if you look at the market pricing, what you see are that the Mac 7, these are the big NVIDIA's of the world, etc., which is basically taking the market to new highs almost every other day. Cybersecurity firms, on the other hand, have actually been losing. And the reason being that these new agentic AI models it is believed that they can replace the cybersecurity firms.

They can not only find the vulnerability, they can not only do the cyber attacks on by themselves, but they can also find the patches themselves. Now, obviously, you will have to ask the question, would you ever use the same LLMs that actually find the patches, find vulnerability, do the attacks, also do the patches? And how much would you trust those patches?

So my sense is that, look, the market is going to come back to the cyber security sphere. And my sense is that once we get a better understanding, I think that's when the market will start pricing in the cost of cyber security and what happens to cyber firms. Steve, would you add anything here?

I just think like an angle to this is one we've discussed in the note, which I'm not entirely sure that is priced into the market at this point, which is we've already seen significant signs of strains in the semiconductor market because significant amounts of demand are coming from hyperscalers in certain segments of this market. And what we find in our research is that despite not being a significant fraction of the hardware demand that would come from these potential cyber security threats, there would be a significant demand for semiconductors in these spaces, particularly logic, memory, which are the most strained at this point. So we're already seeing, for example, memory prices going significantly up.

So I think this would be an additional layer that the market, I'm not sure, has completely incorporated. I mean, that's true. And also, I think there is some nuance to it that says that the IT segment demand is going to be for the higher end logic chips, the three nanometers and smaller chips.

If you look at companies like TSMC, Samsung, etc., they're probably booked, all the book is filled till about 2027. So, you know, you really have to find where will that extra demand be satisfied by. The OT one, the industries and the public utilities, those actually will demand the legacy chips, the larger chips.

Larger chips, it is somewhat better, but it's only somewhat better. It's not fully better, it's somewhat better. It is somewhat better.

I like that caveat. And I think that China is the one adding capacity in these mature nodes. In the mature nodes, China is the one that has always been the one that continued over the last, you know, when the West abandoned, more or less, adding capacity to the larger chip segment, China continued to do that.

To some extent, that was because they did not have access to cutting-edge chips technology because of export controls. But the other reason was that they actually use those larger chips to embed them into hardware, which they think then they finally sell to the rest of the world. Your note underscores the concept of fighting AI with AI.

Walk us through the depth of this and what it exactly means. So we were talking earlier at the beginning about how there was this asymmetry created between attackers and defenders, right? Like defenders would need to process a ton more of cyber security threats and how this would be like a daunting task for the attackers.

They wouldn't be able to do it just based on human effort, right? So basically what we're seeing, and this is already happening to a certain extent, is that what the response is being is fighting automation with automation. For example, some stats that we cite in the report is that this trend is already happening.

For example, by 2028, in a few years, 80% of alerts on security operations are expected to be triaged already by AI agents. Or for example, 85% of detection and response playbooks will be generated dynamically. That is how you respond to a cyber attack threat will be generated by an AI agent.

So this trend of automation with automation is going to be the one that defines, in my opinion, what is going to happen with AI. Final question for you both. Let's talk about governments and that role.

How do you see governments across the globe mandating AI practices for cyber purposes looking ahead? I think this is the big unknown. It's the big unknown because governments are significantly behind the edge of technology.

And consequently, there is a lot of catch-up to do. But more importantly, there does not exist a framework from another part of the system that they can use and say, for example, we know how to handle runs on banks. We've been working on this for many, many years.

We know how this happens. So let's take that and then change it for cybersecurity. There isn't something parallel that exists.

If you look at how regulations work, typically, regulations work by finding something that is similar, something that has worked in the past, and then comparing it with the problem that you have at hand, and then trying to tweak the framework that we are used to where there's a lot of evidence that it's worked, not worked, to the new problem. How do regulations work in your areas? The problem is that there is literally nothing that we have where a person that has no accountability, called the agentic AI or a frontier AI, whatever name you want to give it, is the one that's carrying out the attacks.

It is finding the vulnerabilities carrying out the attacks. Where are you going to put the regulations on is going to be the next question. Are you going to put the regulations on the owners of the agentic AI or the users of the agentic AI?

Because you can't put it on the agentic AI. In the past, almost everything that we have done, whether it's a bank or financial services or anything else, the criminal was always a human being. We have a system in place for thousands of years how to deal with that.

We now have a criminal who is not a human being. Therefore, what is it that you're going to put in place? Who are you going to hold accountable?

I think these are fundamental questions that any kind of regulatory system will need to first address and then we can find regulations around it. But it is clear that governments will react the way in which governments have reacted in similar situations which is that they will put in regulations. The regulations may be knee-jerk.

The regulations may be excessive. The regulations may be inappropriate. We will have to find that out only the hard way.

I think we consider this to be an additional pressure that will be built on the system that it is not just that the industry or a bank or a financial system or its owner will need to up its systems to meet these new threats but they will be also put under pressure because regulations will be brought into place that will put that much of urgency and pressure on them to start building up the system so that there is an additional pressure that will come from regulations and very tight deadlines that companies and firms and essentially all of us will have to face. So it's not hyperbole then to say we're in uncharted territory? No.

I think this time around I think we are in uncharted territory. We will end on that note. Jahangir, Steve thank you so much for your time and insight and to our listeners thank you for tuning in to another episode of J.P.

Morgan's In Focus podcast. This communication is provided for informational purposes only. Please read the J.P.

Morgan research reports related to its contents for more information including important disclosures. Copyright 2026, J.P. Morgan Chase & Co.

All rights reserved. J.P. Morgan Chase & Co.

All rights reserved.