Cybersecurity Risks

• Anthropic postponed releasing Claude Mythos, an AI excelling at coding and vulnerability scanning, following high-level meetings with US financial regulators. • Mythos demonstrated ability to chain unknown security flaws in software at unprecedented speed, sparking 'agent-to-agent war' concerns in cyberspace. • Partners like Amazon, Apple, Microsoft, Google, Cisco, CrowdStrike, and JPMorgan Chase received restricted previews under Project Glasswing.

• US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened Wall Street leaders on April 7 to warn about Anthropic's new Mythos AI model, which can identify software vulnerabilities that have evaded decades of human review and millions of automated security tests. • Mythos is being released only to carefully selected partners for defensive security work, as Anthropic fears the tool could provide ransomware gangs and hostile governments with powerful weapons to steal data or disrupt critical infrastructure. • The model represents a significant leap in AI cybersecurity capabilities, with the potential to both protect systems through accelerated penetration testing and pose risks if misused by malicious actors.

• A benchmark report surveying over 200 CISOs ranks AI as the top cybersecurity concern at 71%. • Security budgets in retail and hospitality sectors increased modestly from 0.57% to 0.75% of revenue. • AI-driven threats are ushering a new era of risk, prompting heightened investment in defenses.