      Claude Mythos and the AI Cybersecurity Wake-Up Call

      A business risk of the highest order, not a technology problem to be delegated downward.

      By Frank Ford, Andrew Cousins, Syed Ali, and Alexandra Juegelt

      • First published on April 21, 2026
      At a Glance
      • The launch of Claude Mythos is a signal, not the threat itself. Multiple frontier AI models already enable sophisticated cyberattacks, and the era of AI-powered attacks at scale has arrived.
      • AI does not create new vulnerabilities; it exposes existing ones, making the chronic underinvestment that boards have tolerated for years an immediate and material business risk.
      • Many organizations will need to significantly increase cybersecurity spending, by up to two times their current levels or even more; planned increases of about 10% annually fall far short of what the threat now demands.
      • The immediate priority is strengthening cybersecurity fundamentals: Strong foundations provide significant protection against AI-enabled attacks, and most organizations urgently need to build those foundations.

      Claude Mythos Preview is Anthropic’s most powerful AI model to date, and its cybersecurity implications are serious. But Mythos is not the real problem. Other frontier AI models—including OpenAI’s GPT-5.4-Cyber and Google’s Big Sleep—have some comparable capabilities already, and more will follow. The era of AI-enabled attacks is here, and organizations cannot afford to be reactive.

      Most companies have significantly underinvested in cybersecurity, a direct result of boards and executive teams repeatedly deprioritizing it. This has created deep underlying weaknesses that AI-enabled attacks will rapidly expose. Unfortunately, for some businesses the consequences of chronic underfunding and insufficient leadership engagement will be severe.

      The risk is particularly acute in businesses with significant operational technology environments, in industries such as energy, utilities, manufacturing, water, and transportation. Many of these systems are decades old, cannot be patched effectively, and are highly vulnerable to AI-enabled attack. Closing the investment gap will require far more than incremental budget increases. Based on our experience helping large organizations address their cybersecurity requirements, many will need to increase spending by up to two times their current levels or more. Yet most currently plan increases of about 10% annually, Bain & Company’s 2025 Cybersecurity Survey finds. 

      The time to act is now. A top priority for many companies is building the essential depth of defense needed to resist AI-enabled attacks effectively. That typically requires establishing a dedicated AI threat war room and strengthening cyber fundamentals across the organization. Alongside addressing the AI threat, organizations must also prepare for other developing risks. Quantum computing will undermine many of today’s encryption approaches, introducing an entirely new category of cybersecurity risk. Bain’s view is that organizations need to be quantum-ready by 2030—and most have not yet started.

      What is Claude Mythos, and why should organizations act now?

      Mythos was not built as a cyberattack tool. It was designed to push the boundaries of software engineering, creating an AI capable of working with vast, complex codebases in ways previous models could not. In essence, Anthropic set out to build the ultimate developer.

      It is precisely those capabilities, however, that make Mythos and AI models with similar capabilities a significant security concern. Anthropic describes Mythos as “a new class of intelligence built for ambitious projects focusing on cybersecurity, autonomous coding, and long-running agents,” and the same innovations that make it a powerful engineering tool also make it a formidable instrument for finding and exploiting vulnerabilities.

      Mythos has a fundamentally different architecture from its predecessors, which enables four capabilities particularly relevant to cybersecurity. It can understand the intent of code and find hidden flaws via a simple instruction; it can chain multiple small vulnerabilities into a single devastating attack; it can reconstruct source code from deployed software to find exploitable weaknesses; and once inside a network, it can automatically map systems, move laterally, and build custom tools to extract data, all within hours.

      Some of the key technical innovations that distinguish Mythos from previous AI models include:

      • Infinite context window. Mythos can ingest and reason across an entire codebase or system simultaneously, linking all elements without limitation, enabling a depth of analysis previously impossible.
      • Recursive self-correction. It observes results, adjusts its approach, and retries—fully automatically—until it finds an approach that works.
      • Native system tool integration. Mythos can launch debuggers and interact directly with systems it is analyzing, transforming it from a reasoning engine into an active agent.
      • Agentic scaffolding. It can form hypotheses, test them, launch containers, and execute code autonomously. It does not just suggest, it acts.

      The practical result is a frontier AI model capable of finding and exploiting vulnerabilities at a scale and speed that far exceeds human capability. Anthropic’s own research confirms this: Using Mythos Preview, the company identified thousands of zero-day vulnerabilities across every major operating system and browser, including flaws that survived decades of human review and millions of automated security tests.

      It is important to be clear about what AI changes and what it does not. The vulnerabilities in software have always been there, but the speed and ease of finding and exploiting those vulnerabilities have changed significantly. Work that once took a specialist team weeks can now be done in hours. And the complexity of legacy systems, which once made them difficult to attack, is no longer a reliable protection. AI cuts through that complexity at machine speed.

      Mythos is not the problem—AI-powered attacks are

      Many business leaders will read about Mythos, share the article with their CISO, and move on. But the arrival of AI-enabled attacks at this level of sophistication is not a moment for awareness; it requires structural change. Companies should assume that adversaries—nation-states, criminal enterprises, rogue actors—are developing equivalent capabilities to Mythos. Other frontier AI models already possess some comparable capabilities, including OpenAI’s GPT-5.4-Cyber and Google’s Big Sleep. And the cost and expertise required to launch sophisticated attacks will keep falling. Already, 87% of global organizations have experienced an AI-powered cyberattack in the past year, according to SoSafe’s Cybercrime Trends 2025 report. The question every organization needs to be answering is not how to contain any specific model but how to defend against an era of increasingly sophisticated AI-enabled attacks.

      The threat is serious, but it is not insurmountable, and strong cybersecurity foundations are your best defense. Independent testing by the UK Government’s AI Security Institute confirmed that Mythos cannot reliably execute autonomous attacks against organizations with well-hardened defenses. The controls that constitute strong cybersecurity fundamentals—robust access controls, network segmentation, automated patching, zero trust architecture, and anomaly detection—already provide significant protection against AI-enabled attacks.

      Rather than waiting for a new generation of AI-specific security tools, the most effective response requires properly building the foundations that should already be in place. Yet most organizations have not built those foundations to the required standard. The implication is clear: For most organizations, the most urgent priority is not to find new solutions to a new problem but rather to fix the old problems that have never been properly addressed.

      How organizations can defend themselves

      Cybersecurity must be treated as a critical topic for board consideration, and that requires active ownership, sustained investment, and genuine urgency. Every organization needs to raise its game, and quickly.

      Establish a dedicated AI threat war room. The scale of the challenge requires a dedicated team to understand and combat AI-driven threats, using AI tools in the same way adversaries will, to systematically probe your own systems before attackers do. Critically, the same AI tools that attackers will use can and should be deployed defensively, to scan for vulnerabilities, monitor for anomalous behavior, and accelerate response. The war room’s mandate is not just to defend against AI but to use it.

      Most large organizations already employ people with relevant AI and cybersecurity expertise. Reallocating this talent to a dedicated war room is more effective than hiring externally: Internal experts bring irreplaceable knowledge of the organization’s own environment. This is a permanent investment, not a project.

      Strengthen foundational cybersecurity capabilities. Strong fundamentals remain essential, and most organizations have significant ground to make up. Chronic underinvestment has created deep weaknesses that AI-enabled attacks will rapidly expose. Correcting this is not optional—it is a matter of survival. (See the “Depth of defense” section below for a discussion of the specific priorities.)

      Address urgent risks to operational technology (OT) environments. Organizations with significant OT environments face a particularly acute challenge. Industries including energy, utilities, manufacturing, water, and transportation rely on industrial control systems that are often decades old, out of warranty, and incapable of receiving security patches, either because patches do not exist or because applying them would risk disrupting critical operations. These environments were built for reliability, not security. Given Mythos’s ability to autonomously discover zero-day vulnerabilities in aged, complex codebases, these environments are especially exposed. Where patching is not possible, the focus must shift entirely to fundamental protective controls: strict network segmentation, OT-specific anomaly detection, and tight restrictions on any Internet-facing exposure.

      Prepare for post-quantum computing. Addressing the AI threat is the immediate priority, but organizations cannot afford to ignore what comes next. Quantum computing will fundamentally undermine many of today’s encryption approaches, representing the next major wave of cybersecurity risk. Organizations need a clear risk assessment and roadmap in order to be prepared for quantum-enabled attacks no later than 2030.

      Leadership must own this

      The scale and scope of the threat illuminate a hard truth: The chronic underinvestment in cybersecurity that has left most organizations exposed is the direct result of a conscious, repeated choice by boards and executive teams to deprioritize it. For many organizations, AI-enabled attacks are not creating new vulnerabilities but exposing preexisting ones. Regulatory pressure is also mounting. Frameworks such as NIS2 in Europe and SEC cybersecurity disclosure rules in the US are raising the bar on what boards are expected to know and do. The era of treating cybersecurity as purely a technical matter, invisible to regulators and investors alike, is over.

      Part of the explanation for this underinvestment lies in how organizations have historically assessed cyber risk. If the effort required to exploit a vulnerability was high, risk teams could reasonably judge that the probability of attack was low enough to accept the risk. That logic has now broken down. AI has collapsed the cost and effort of launching increasingly sophisticated attacks, making every unpatched or outdated system a realistic target. The risk calculations that once justified deferring investment are no longer valid.

      Companies spend only about 0.69% of revenue on cybersecurity on average, according to IANS Research. Based on Bain’s experience helping large organizations make a step change in their cybersecurity capabilities, many will need to increase spending by up to two times their current levels or even more. The increases currently planned by most organizations—about 10% annually—fall well short.

      And attackers continue to succeed at an increasing rate, a clear signal that organizations are falling behind on their investment in cybersecurity. The US Federal Bureau of Investigation’s IC3 received more than 1 million complaints in 2025, with reported losses reaching $21 billion, an increase of 26% year over year. Per IBM, the average cost of a data breach is now $4.4 million globally and $10.22 million in the US, an all-time high.

      Cybersecurity must have consistent, active ownership at the CEO and board level, and in too many organizations, it does not. The threat will not plateau: AI capabilities are advancing, quantum is approaching, and the attack surface continues to grow. More than 60% of organizations say geopolitical tensions have already affected their cybersecurity strategies, according to the World Economic Forum’s Global Cybersecurity Outlook 2026. This is a business risk of the highest order, not a technology problem to be delegated downward.

      The companies that navigate this era successfully will be those whose leaders have treated cybersecurity as the fundamental business risk it has always been and acted accordingly. For those who have not yet made that choice, the time for deliberation has passed.

      Depth of defense: What strong cybersecurity fundamentals look like in practice

      Strong cybersecurity fundamentals are not minor technical details; they are the architectural and operational decisions that determine whether an organization can withstand AI-enabled attacks. Some leading organizations are already executing well here, but many are not. The following tactical priorities can help close the gap.

      Automated patching. AI is compressing the window between vulnerability discovery and weaponization to near zero, so organizations must move to high-automation patching. Slow, manual processes are no longer adequate. Known vulnerabilities must be identified and remediated at the speed the threat now demands.

      Zero trust architecture. Zero trust—continuous verification of every user, device, and system regardless of location—must replace the outdated model of trusting anything inside the corporate perimeter. AI-enabled attackers that gain a foothold will find far less room to maneuver inside a well-implemented zero trust environment.

      Anomaly detection. AI-driven attacks frequently arrive without a known identity or signature, rendering traditional detection tools blind. Anomaly detection—identifying unusual behavioral patterns rather than known signatures—is therefore a critical defensive layer against AI-enabled intrusions.

      Modernizing identity controls. AI makes it significantly easier for attackers to trick employees into giving up their login credentials at scale, and Verizon reports that credential abuse already accounts for 22% of known breach entry vectors. Phishing-resistant multifactor authentication directly limits the blast radius of a breach: Even if credentials are stolen, an attacker cannot escalate to administrative-level access without clearing additional barriers. It can prevent over 99% of identity-based attacks and carries a secondary benefit of reducing help-desk calls and friction for employees.

      Reducing legacy technical debt. Legacy systems that cannot support modern security standards are significant and often underappreciated attack targets. They are attractive precisely because they are hard to defend. Addressing this debt is not a quick fix, but it must be on the roadmap and progressing with urgency, particularly given AI’s ability to find vulnerabilities in aged, complex systems at speed.

      Addressing supply chain risk. Organizations must extend their cybersecurity thinking beyond their own walls. AI-enabled attacks increasingly target suppliers, vendors, and third-party software as a route into larger organizations, and a well-defended enterprise can still be compromised through a poorly defended partner. This means including AI-specific cybersecurity posture—specifically, how well defended suppliers are against AI-enabled attacks—as a core component of supplier due diligence and ongoing third-party risk monitoring.

      Hardening the environment

      The goal of environmental hardening is to limit the damage when, not if, an attacker gets in. The underlying logic comes down to prevention rather than cure. The architectural controls (segmentation, least privilege, zero trust) prevent AI-enabled attackers from traversing the network and infecting further systems, even if they find an initial way in. The detection and response controls (anomaly detection, monitoring, rapid patching) are the cure, identifying and containing threats that do get through, at the speed AI-driven attacks now demand. Both layers are essential, and together they neutralize the advantage that AI gives attackers.

      These strong cybersecurity fundamentals belong on every leadership team’s agenda.

      Authors
      • Frank Ford, Partner, London
      • Andrew Cousins, Expert Associate Partner, London
      • Syed Ali, Partner, Houston
      • Alexandra Juegelt, Expert Manager, London