Mythos, Quantum, and the Cyber Challenge
Why the next cyber era will be won or lost on the basics
A formidable new threat?
When Anthropic announced Claude Mythos on 7 April, the market reaction told you everything about how the cyber security industry now understands AI capability. Software stocks, already under sustained pressure from AI disruption, fell further and the White House held discussions with Anthropic’s CEO. A frontier lab had, for the first time since OpenAI held back GPT-2 in 2019, declined to release its most capable model publicly, routing it instead through a gated programme called Glasswing, whose express purpose is to let defenders patch foundational systems before adversaries catch up.
For boardrooms, CISOs and infrastructure directors, Mythos is the clearest signal yet that the threat landscape is bending faster than most enterprise security programmes can adapt. And it arrives at a moment when most of those programmes are still losing the battle against their own legacy estate.
The capability step-change
What makes Mythos different is not that it can write malicious code - previous models could do that too, albeit not as well. It is the leap in autonomous, expert-level offensive capability. The UK's AI Security Institute, granted early access, reported that the model succeeded at expert-level hacking tasks roughly three-quarters of the time. A year earlier, no publicly available model could complete those tasks at all. Anthropic itself claimed that Mythos has identified critical vulnerabilities across every widely used operating system and browser, with the vast majority still unpatched at the time of announcement.
Reverse engineering closed-source binaries, turning patched "N-day" vulnerabilities into working exploits, identifying logic bugs that traditional fuzzers cannot surface - Mythos does all of it, at machine speed, without needing a human in the loop for every decision. The defensive argument for delayed release is genuine: Project Glasswing partners including Microsoft, Apple, Amazon and Nvidia are using the model to harden their own code. But capabilities of this class rarely stay contained. Open-source replication, state-backed equivalents, and the inevitable grey market for access will narrow the gap within quarters, not years.
Agentic AI versus defence-in-depth
The broader issue for enterprises is what Mythos tells us about agentic AI systems generally. Traditional cyber defence is built on the assumption that attackers are constrained by time, skill and attention. We deliberately make exploitation tedious - layered controls, deception, monitoring choke points, rate limits, MFA challenges - because tedium deters humans and filters out all but the most motivated adversaries.
An autonomous agent is indifferent to tedium. It will grind through two hundred steps of reconnaissance, misdirection and privilege escalation, in parallel, across thousands of targets at once. Industry analysts are already predicting that the window between a vulnerability being disclosed and being weaponised will collapse from days to minutes. Enterprise patching cadences measured in weeks, SOC triage queues measured in hours, and CMDB data refreshed quarterly simply do not survive this shift.
For a CISO, the uncomfortable implication is that several pillars of the current defensive playbook - delay the attacker, detect in-flight, respond before lateral movement - are losing their economics. The attacker has a tireless, cheap, scalable workforce. The defender is still paying graduate analysts to read alerts.
The quantum horizon
Against this backdrop, quantum computing sits about three to seven years out as a probability-weighted strategic risk, but it is already reshaping decisions made today. No cryptographically relevant quantum computer exists in the wild. When one does - whether from a hyperscaler, a research consortium or a nation-state programme - the public-key cryptography underpinning TLS, VPN, code-signing, document signatures and most financial messaging becomes breakable.
For defenders, this is manageable on paper. NIST has finalised its post-quantum algorithms. Hyperscalers are rolling out hybrid TLS. Crypto-agility programmes, if started now, can be largely complete by the time the threat materialises. The harder problem is "harvest now, decrypt later" - adversaries, particularly state-level ones, are presumed to be collecting encrypted traffic today to decrypt once the capability arrives. Any data your organisation holds that must remain confidential for more than a decade - M&A, IP, pharmaceutical trial data, sovereign information - is already at risk, regardless of when quantum actually arrives.
The more speculative, and more worrying, question is what happens when advanced AI and quantum compute meet. Quantum-accelerated cryptanalysis coordinated by agentic AI planning engines is not a 2026 threat. But the organisations that are planning for it now - creating crypto-inventories, developing a quantum-safe roadmap, and scoping post-quantum pilots for long-lived data - will be the ones with options when it arrives.
The inconvenient truth about the starting position
And yet, despite this shifting horizon, the majority of large enterprises we work with are still losing on the basics.
Legacy operating systems remain everywhere. Windows Server 2012 R2 and 2016 instances are still carrying production workloads inside the FTSE 100. Unsupported Linux distributions run utilities on the factory floor. Legacy RHEL, ageing AIX and unpatchable industrial control systems sit quietly in the background, often forgotten until audit. A single unpatched kernel in a forgotten subnet is the kind of thing Mythos-class tooling finds in minutes.
Configuration management is often fiction. We routinely find CMDBs whose accuracy is, charitably, 60–70%. Assets owned by divested business units still appear. Recently decommissioned kit is still listed as live. Shadow IT, SaaS sprawl and acquired subsidiaries have blown apart whatever neat picture the infrastructure director thought they had. You cannot defend an estate you cannot enumerate - and an agentic attacker will enumerate it for you, accurately, in hours.
Patching schedules continue to be a negotiation rather than a discipline. Critical patches that should be applied inside 72 hours are routinely taking four to six weeks because of change freezes, testing queues, third-party vendor dependencies and, often, political reluctance to take revenue-generating systems offline. The gap between disclosure and weaponisation no longer tolerates this.
How to balance the books
So, what should a CISO or infrastructure director do when their inbox contains both a Mythos briefing paper and a three-year-old patching exception they keep renewing?
The honest answer is that shiny problems cannot be allowed to displace fundamental ones, but they do reframe them. The case for modernisation changes from "operational hygiene" to "existential necessity" when the threat actor is autonomous, tireless and capable of expert-level exploitation.
Three principles can help leaders sequence the required spend. First, fix the enumeration problem. A credible CMDB, an accurate software bill of materials, and automated asset discovery are prerequisites for every other investment: AI-driven defence, post-quantum migration, zero trust. Without them, you are buying capability you cannot aim.
Second, compress the patching cycle before buying new tooling. Cutting mean-time-to-patch from 30 days to 7 removes more risk, more cheaply, than most next-generation platforms. It also creates the operational muscle you will need when the disclosure-to-weaponisation window is measured in minutes.
Third, invest in crypto-agility and AI-defender capability in parallel, not sequentially. Both are multi-year programmes with long lead times. Both will be non-negotiable inside five years. Treat them as capital projects now, not discretionary spend.
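The first two principles, enumeration and patch-cycle compression, are measurable, and the failure modes described earlier (ghost records for divested or decommissioned kit, hosts on the wire that the CMDB has never heard of, legacy platforms still carrying workloads, criticals stuck for weeks) can be surfaced from two exports. The following Python is an added illustration, not code from the article or any product it mentions: it reconciles a CMDB export against discovery results, reports the CMDB's actual accuracy, flags hosts whose observed operating system is a legacy platform, and computes mean time to patch against a 72-hour target. All hostnames, operating systems, dates and the set of "legacy" prefixes are constructed for the example; the legacy list in particular is a policy choice, not a support-status lookup.

```python
"""Estate hygiene check: reconcile a CMDB export against live discovery,
flag legacy operating systems, and measure mean time to patch against an SLA.

All data below is constructed for illustration; hostnames, operating
systems and dates are not taken from any real estate.
"""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed CMDB export: hostname -> recorded OS and lifecycle status.
CMDB = {
    "fin-app-01":      {"os": "Windows Server 2012 R2", "status": "live"},
    "fin-db-01":       {"os": "Windows Server 2016",    "status": "live"},
    "hr-web-01":       {"os": "Ubuntu 22.04",           "status": "live"},
    "plant-hmi-07":    {"os": "CentOS 6",               "status": "live"},
    "legacy-erp-02":   {"os": "AIX 7.1",                "status": "live"},  # decommissioned, record never updated
    "divested-crm-01": {"os": "Windows Server 2019",    "status": "live"},  # went with a divested business unit
    "old-print-01":    {"os": "Windows Server 2012 R2", "status": "retired"},
}

# Constructed discovery results: what an authenticated scan actually observed.
DISCOVERY = {
    "fin-app-01":        "Windows Server 2012 R2",
    "fin-db-01":         "Windows Server 2019",    # upgraded in place, CMDB never told
    "hr-web-01":         "Ubuntu 22.04",
    "plant-hmi-07":      "CentOS 6",
    "shadow-jenkins-01": "Ubuntu 18.04",           # shadow IT, absent from the CMDB
    "old-print-01":      "Windows Server 2012 R2", # retired on paper, still on the network
}

# Platforms this constructed policy treats as legacy. Prefix-matched so that
# "CentOS 6.10" also counts. Replace with your own support policy.
LEGACY_OS_PREFIXES = ("Windows Server 2012", "Windows Server 2016", "CentOS 6",
                      "Ubuntu 18.04", "AIX 7.1")


@dataclass
class Reconciliation:
    matched: list[str]     # live in CMDB, discovered, OS agrees
    mismatched: list[str]  # live in CMDB, discovered, OS differs
    ghosts: list[str]      # live in CMDB, never discovered
    unknown: list[str]     # discovered, but not a live CMDB record

    @property
    def accuracy(self) -> float:
        """Share of live CMDB records that are both present and correct."""
        live = len(self.matched) + len(self.mismatched) + len(self.ghosts)
        return len(self.matched) / live if live else 0.0


def reconcile(cmdb: dict, discovery: dict) -> Reconciliation:
    """Compare the CMDB's belief about the estate with what discovery saw."""
    live = {h: v["os"] for h, v in cmdb.items() if v["status"] == "live"}
    matched = sorted(h for h in live if h in discovery and discovery[h] == live[h])
    mismatched = sorted(h for h in live if h in discovery and discovery[h] != live[h])
    ghosts = sorted(h for h in live if h not in discovery)
    unknown = sorted(h for h in discovery if h not in live)
    return Reconciliation(matched, mismatched, ghosts, unknown)


def legacy_hosts(discovery: dict, prefixes=LEGACY_OS_PREFIXES) -> list[str]:
    """Hosts whose *observed* OS (not the CMDB's belief) is a legacy platform."""
    return sorted(h for h, os_name in discovery.items() if os_name.startswith(prefixes))


@dataclass
class PatchMetrics:
    mean_days: float   # mean age of each critical, open items aged to as_of
    sla_breaches: int  # items older than the SLA, patched or not
    still_open: int    # items with no patch applied


def mean_time_to_patch(records, as_of: datetime, sla=timedelta(hours=72)) -> PatchMetrics:
    """records: (host, disclosed, patched-or-None). Open items age until as_of,
    so an unpatched critical counts against the number rather than vanishing."""
    ages, breaches, open_items = [], 0, 0
    for _host, disclosed, patched in records:
        age = (patched or as_of) - disclosed
        ages.append(age.total_seconds() / 86400)
        open_items += patched is None
        breaches += age > sla
    return PatchMetrics(sum(ages) / len(ages) if ages else 0.0, breaches, open_items)


# Constructed critical-patch log: host, disclosure date, date applied (None = still open).
PATCH_LOG = [
    ("fin-app-01",   datetime(2026, 4, 1),  datetime(2026, 4, 3)),
    ("hr-web-01",    datetime(2026, 4, 1),  datetime(2026, 4, 29)),  # sat in a change freeze
    ("plant-hmi-07", datetime(2026, 4, 1),  None),                   # vendor dependency, never applied
    ("fin-db-01",    datetime(2026, 4, 10), datetime(2026, 4, 12)),
]
AS_OF = datetime(2026, 5, 1)

if __name__ == "__main__":
    r = reconcile(CMDB, DISCOVERY)
    print(f"CMDB accuracy {r.accuracy:.0%}; ghosts={r.ghosts} unknown={r.unknown} mismatched={r.mismatched}")
    print("Legacy platforms observed:", legacy_hosts(DISCOVERY))
    m = mean_time_to_patch(PATCH_LOG, AS_OF)
    print(f"Mean time to patch {m.mean_days:.1f} days; SLA breaches {m.sla_breaches}; still open {m.still_open}")
```

Two design points matter for the numbers you report upward. Accuracy is computed over live CMDB records only, so a retired record that is still on the network shows up as an unknown host rather than being quietly counted as correct. Mean time to patch ages open items to the reporting date instead of excluding them, which is what stops a long-running exception from flattering the average.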
Mythos is a preview - of the model, but also of the era. The organisations that emerge well from the next decade will not be those that chased the latest threat framework. They will be those that finally paid down the debt they have been deferring for twenty years, while simultaneously preparing for threats that did not exist twelve months ago. The bill for both is now due at the same time.