“By investing in cyber resilience and ensuring appropriate security measures are in place, you can build public trust and confidence in how your organization protects the personal data you hold,” said Ian Hulme, executive director of regulatory supervision at the ICO.
Ian Hulme and the ICO’s five-step guide
The UK’s Information Commissioner’s Office (ICO) has published a five-step plan urging organisations to prepare proactively for an uptick in AI-driven attacks. The regulator framed the guidance around getting basic cybersecurity controls right, understanding new AI-enabled threats, and layering additional protections where necessary. The ICO directed readers to the National Cyber Security Centre’s updated Cyber Assessment Framework (CAF) as a way to “better understand how adversaries are using AI in attacks, or attacking corporate AI systems.”
The specific AI-powered threats enumerated
The ICO listed a set of concrete attack types for organisations to consider when planning defences. These include:
- AI-enhanced phishing targeting colleagues, clients or suppliers
- Deepfake-powered social engineering used on employees
- Automated vulnerability scanning and exploitation
- AI-powered malware which adapts in real time to evade detection
- Credential stuffing and password attacks which target weak passwords
- Data poisoning of AI models
- Indirect prompt injection attacks
Cyber Essentials, the Cyber Governance Code and minimum expectations
The ICO said it expects organisations to have Cyber Essentials’ five controls and the UK’s Cyber Governance Code of Practice “as a bare minimum.” At the same time, the regulator warned that extra layers of defence are “essential,” calling out a “solid patching and updating process” to mitigate machine-speed vulnerability research and exploit development.
An ICO spokesperson told Infosecurity that vulnerability management should prioritise remediating action based on impact, and that where an update is unavailable organisations should review compensating controls. The spokesperson said: “If a decision is taken to not take action but there is still risk exposure, then the rationale should be fully documented and agreed at senior levels.”
Operational controls, supplier risk and incident readiness
The ICO highlighted a range of operational measures it expects organisations to deploy beyond minimum controls. These include multi-factor authentication on all remote access, admin accounts and email; strong password policies; and auditing and enforcing the principle of least privilege. The guidance also flags the need to understand the security and privacy implications of using AI tools for access controls.
Security teams were told to include supply chain partners in access policies and vetting. The ICO spokesperson said organisations should not treat security as a point-in-time assessment but instead “adopt a dynamic threat-based approach to security,” with the intensity of that approach depending on supplier criticality, types of services, and the data processed.
The ICO also urged regularly tested incident response plans, comprehensive security monitoring and vulnerability scanning — noting that AI tools may improve outcomes but must have human oversight.
Data protection duties, AI governance and enforcement criteria
On data protection, Ian Hulme urged organisations to implement “appropriate technical and organizational measures” under GDPR. The ICO listed practical measures such as data minimisation and storage limitation, regular data audits, staff awareness training (including on AI-powered social engineering), and AI governance steps including safeguards and a data protection impact assessment (DPIA) for AI tools that process high-risk personal data.
Other recommended measures include compliance with the government’s AI Cyber Security Code of Practice, and use of encryption and pseudonymisation to reduce breach impact. When asked how the ICO assesses whether enforcement action is necessary following a breach, the regulator said “attack surface, sector, and data held” are key factors. The spokesperson added that Cyber Essentials controls will be considered during investigations but stressed that consideration of those controls alone “does not necessarily mean that we would not take regulatory action.” A “key consideration” is whether an organisation has “put in place appropriate technical controls commensurate to the level of risk” and can demonstrate how cyber risk has been governed.
What this means for security teams, procurement leaders, and end users
Security teams will be tasked with translating the ICO’s checklist into day‑to‑day operations: patch management at machine speed, MFA, least privilege enforcement, and combining AI-based monitoring with human oversight. Procurement leaders must factor the ICO’s expectation that supplier criticality and data processing roles drive a dynamic, ongoing vetting process rather than point-in-time assessments. End users and staff should expect expanded awareness training that explicitly covers AI-enhanced phishing and deepfake social engineering.
The ICO’s guidance ties regulatory expectations to concrete technical controls and governance steps. Organisations that adopt the five-step plan will still need to show how they prioritise fixes, document risk decisions at senior levels, and govern AI tools that handle personal data — because, the regulator cautions, compliance is measured by controls commensurate to the risks an organisation faces.
Source: Infosecurity — ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks




