Rarely has a technological tool stirred as much anticipation — and as much unease — in the corridors of the international cybersecurity community as Claude Mythos. Anthropic has announced Claude Mythos Preview, a preview-stage AI model that can analyse computer code and find vulnerabilities at a level surpassing any existing expert or tool. Its ability to detect previously invisible flaws has been such that the company itself decided not to release it publicly and instead to set up Project Glasswing: an emergency “task force” involving more than 40 organisations deemed critical, including technology giants such as Amazon Web Services, Apple, Google, Microsoft, Palo Alto Networks, Cisco and NVIDIA.
This month I attended the World Economic Forum’s annual cybersecurity meeting, which brought together the world’s leading cybersecurity experts in Geneva, and I can confirm that there was not a single conversation, panel or coffee break that did not revolve around Mythos. We also had the privilege of hearing first-hand the perspective of some of the active participants in Project Glasswing, who shared — publicly and privately — what they are seeing, and the message was unequivocally clear.
Glasswing’s Findings
The first thing worth knowing is that what we are reading in the press is not an exaggeration. The project’s partners noted in Geneva that they have a testing window extending until “approximately the end of May,” but that they do not know the date on which a wider release of the model will take place. From that point, the clock will start running in earnest: once Mythos is released, organisations will have to act quickly.
A revealing piece of data shared in Geneva is that, when comparing the detection capabilities of the advanced models from OpenAI and Anthropic, only around 20% of the vulnerabilities found overlap. In other words, each model “sees” different things. The real attack surface, once equivalent capabilities proliferate across other labs, will be far larger than any individual tool suggests today.
On guardrails, the conclusion is nuanced: they exist, they work, but AI can get around them. In the tests described, when Mythos was asked to prepare a ransomware attack against a hospital, the model refused. But the participants themselves acknowledge that, through more sophisticated chaining of instructions, the model could be led into territory it would reject in a direct request.
The good news is that the large technology companies will be prepared. They have had early access, resources and dedicated teams. The bad news is that the rest of the ecosystem has not — and that is where the real blind spots are.
What Makes Mythos Different
The figures being handled internally are striking: four weeks of vulnerability discovery with Mythos is equivalent, in terms of coverage, to a year of traditional pentesting. But reducing it to a question of speed would be a mistake. What is truly disruptive is that the model identifies new attack paths we did not even suspect, chaining together minor flaws to build coherent exploitation chains.
This has a significant impact on a basic operating principle in cybersecurity: that low-CVSS vulnerabilities can be ignored or postponed. With Mythos on the other side, the exploitation of small vulnerabilities can become the path to far more significant impacts. A seemingly irrelevant crack, combined with two others, can end up escalating into a severe incident.
Another strategic consequence is that we are going to see more SolarWinds-type attacks, from the inside out: compromising a supplier or a supply-chain component to reach hundreds or thousands of organisations downstream. And a relevant finding for CIOs and CTOs: there is a very high correlation between code quality and the number of vulnerabilities detected. Anyone who has neglected technical debt for years now has a twofold problem.
The Two Blind Spots: Open Source and OT
If the large technology companies will be ready, two parts of the ecosystem clearly will not — and they deserve far more attention than they are getting.
The first is Open Source. A large part of the internet rests on libraries and components maintained by small communities, with no budget or dedicated security teams. They are precisely the slowest to patch, and in an AI-accelerated landscape that delay becomes dangerous.
The second — and the one I want to dwell on — is Operational Technology. The list of Glasswing partners includes cloud providers, endpoint and network security firms, chipmakers, banks. The companies that build the PLCs, the DCS and the SCADA systems running our power grids, our water plants, our factories and ports — Siemens, Schneider Electric, Rockwell, GE, Honeywell, ABB — do not appear among the announced partners. The industrial world, once again, is last in line.
This should concern every industrial operator, because attackers will not wait for OT’s turn. And OT is the softest target there is: legacy systems that cannot be patched on demand, networks that are rarely properly segmented, and an IT/OT convergence that hands attackers a single connected surface. The Mythos logic — chaining minor flaws into severe impacts — is especially dangerous here, where a chain of small weaknesses can end not in stolen data but in a stopped turbine, a contaminated process, or an unsafe plant.
Why OT needs a different answer — and how DeNexus helps
In an AI-accelerated threat landscape, vulnerabilities are no longer scarce. They are abundant, cheap to find, and surfacing faster than any team can read the reports. The bottleneck is no longer finding problems. It is knowing which problems actually threaten the business — and which fixes are worth funding first. In OT, where you cannot simply patch everything and budgets are finite, that prioritisation question is everything.
This is the gap DeNexus was built to close. Rather than adding to the flood of findings, DeNexus translates OT exposure into quantified business risk: the probability and the financial impact of a cyber incident, calculated for each facility and across an entire industrial portfolio. It gives industrial leaders an evidence-based answer to the only question that matters when threats are infinite and resources are not — of everything that could go wrong, what do we solve first? It shows where the organisation is most at risk, which mitigations deliver the highest impact, and provides the financial language to get them funded before the gap is used against them. It is the bridge between the CISO and the CFO — turning cyber risk from a colour on a heat map into a number a board can act on.
If the AI defence coalition is not covering industrial technology, industrial companies have to cover themselves. That starts with measuring OT risk rather than guessing at it.
The piece almost everyone forgets: insurance and physical damage
There is one consequence of OT cyber risk that boards consistently underestimate: an OT incident does not stay digital. It can cause physical damage — destroyed equipment, environmental harm, even bodily injury. And here lies a coverage trap many industrial companies do not discover until it is too late.
Traditional cyber insurance policies generally do not cover physical or property damage. At the same time, property insurers have moved decisively to exclude cyber-derived risk from property policies, through standard exclusion clauses, in order to eliminate so-called “silent cyber” exposure. The result is a gap: cyber-triggered physical damage can fall between the two policies — excluded by the property policy because the cause was cyber, and excluded by the cyber policy because the loss was physical. For an industrial operator, that is precisely where the largest potential losses sit.
Closing that gap is not simply a matter of buying another policy. It requires understanding, in financial terms, which cyber-physical scenarios are plausible and what they would cost — so that coverage can be aligned to real, quantified exposure and retained risk made explicit.
That translation layer between OT risk and the insurance market is no longer theoretical. As a board member of DeNexus, I should be transparent about my perspective here — but the timing is relevant: DeRISK UWA Agentic reached general availability this month, right around the Geneva meeting. It is the first workflow that takes OT cyber-physical exposure evidence and produces actuarial output — expected loss, loss exceedance curves, premium indication, structured coverage terms — in minutes rather than weeks. The coverage gap between cyber and property policies that I described is a translation problem as much as a structural one. The translation infrastructure now exists.
DeNexus now provides the foundation both for prioritising defences and for making informed, defensible decisions about risk transfer.
Practical recommendations
From the Geneva conversations, a fairly broad consensus emerges on what to do between now and the model’s release:
- Identify and prioritise the patching of critical paths — not individual assets, but the chains that lead to significant impacts.
- Resolve the basics. Most of the damage Mythos could do in hostile hands will still rely on poor hygiene: weak credentials, unapplied patches, default configurations.
- Increase visibility and strengthen detection. If the attacker finds things faster, the defender also has to see faster.
- Put the focus on identity management, both human and digital (service accounts, agents, machine-to-machine credentials). It is the vector most abused in complex exploitation chains.
- Do not perform automatic open-source updates without testing. Until now, updating was almost always the safe option; in the coming months it may not be, if a patch itself arrives compromised.
- Adopt a Zero Trust approach from the inside out as well. The perimeter-based defensive model is dead; the lateral one is too.
- Adopt a continuous pentesting model, automating the detection and remediation of vulnerabilities in real time. An annual or semi-annual cadence is no longer valid.
- Quantify your OT cyber risk — and review your insurance against it. Map plausible cyber-physical scenarios to your actual policy terms and close the gap between cyber and property coverage before an incident exposes it.
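The first recommendation, and the earlier point about chained low-CVSS flaws, can be made concrete with a small path-based prioritiser. This is an added illustration, not code from the article or from any Glasswing participant; the zones, finding ids and CVSS scores are constructed sample data, and the graph model (each finding is an edge from the zone where it is exploitable to the zone it grants) is the author of this example's assumption.

```python
from collections import defaultdict

# Constructed sample findings (not from the article): id, CVSS base score,
# the zone an attacker must already hold, and the zone the flaw grants.
FINDINGS = [
    ("F1", 5.3, "internet", "dmz"),     # info leak on a public web gateway
    ("F2", 4.3, "dmz", "it_lan"),       # default credentials on a jump host
    ("F3", 3.7, "it_lan", "ot_dmz"),    # weak SSH configuration on the historian
    ("F4", 5.9, "ot_dmz", "plc"),       # unauthenticated engineering protocol
    ("F5", 9.8, "it_lan", "it_lan"),    # critical RCE on an internal app, a dead end
    ("F6", 4.0, "internet", "it_lan"),  # remote-access VPN without MFA
]


def build_graph(findings):
    """Zone-to-zone edges, each labelled with the finding that enables it."""
    graph = defaultdict(list)
    for fid, _cvss, src, dst in findings:
        graph[src].append((dst, fid))
    return graph


def attack_paths(findings, entry, target):
    """All simple zone paths from entry to target, as lists of finding ids."""
    graph = build_graph(findings)
    paths = []

    def walk(zone, visited, chain):
        if zone == target:
            paths.append(list(chain))
            return
        for nxt, fid in graph.get(zone, []):
            if nxt not in visited:  # no zone revisits, so F5's self-loop is ignored
                walk(nxt, visited | {nxt}, chain + [fid])

    walk(entry, {entry}, [])
    return paths


def rank_by_cvss(findings):
    """The conventional ordering: highest base score first."""
    return [fid for fid, _cvss, _s, _d in sorted(findings, key=lambda f: -f[1])]


def rank_by_chain(findings, entry, target):
    """Path-based ordering: findings that sit on the most entry-to-target chains first."""
    on_paths = defaultdict(int)
    for path in attack_paths(findings, entry, target):
        for fid in path:
            on_paths[fid] += 1
    return sorted((fid for fid, *_ in findings), key=lambda fid: (-on_paths[fid], fid))
```

On this sample, CVSS alone puts the dead-end RCE (F5) first, while the chain ranking puts the 3.7-scored historian flaw (F3) first because every route from the internet to the PLC passes through it.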
The other side of the scale: the opportunities
Although the above paints a fairly bleak picture, Mythos also opens up real new opportunities to strengthen cybersecurity:
- CISOs can take advantage of the current media noise to secure more support, budget and resources. The C-Suite’s window of attention has rarely been so open.
- The quality of AI-generated software will improve, because the same capabilities that detect flaws can be integrated into the development cycle from the outset.
- The large clouds will be more secure: AWS, Microsoft and other partners are already applying Mythos Preview to their own codebases, and that will benefit all their customers by default.
- Global defensive cybersecurity capabilities will improve, especially if Anthropic delivers on its commitment to share learnings with the entire industry.
Let us be optimistic
The history of cybersecurity is the history of a permanent race in which, periodically, one side makes a qualitative leap. Mythos is one of those leaps. The difference this time is that it is being made first by the defensive side, and deliberately so. That advantage will not last indefinitely — but it will last long enough for those who act now to reach the new landscape in reasonable shape.
For industrial operators, the message is direct: no one is coming to identify your OT risk for you. The Glasswing coalition covers cloud, endpoint, and network. It does not cover the plant floor. That gap is yours to close — and the tools to close it exist today.
Quantify the risks you actually face. Align your coverage to the physical consequences a cyber incident can really have. Direct your defences where they count. The organisations that do this work now will not just survive the transition — they will be materially better positioned than those who waited for their turn in the queue.
There is a great deal of work ahead, but there are also real reasons for optimism. Let us be optimistic and focus on the opportunities!
Rosa Kariger
Board Member at DeNexus