Claude Mythos and the Accountability Gap: What Happens When AI Finds the Weakness First?

What happens when AI finds the weakness before you do?
Most businesses know the basics: patch systems, manage access, check suppliers and prepare for breaches.
The problem is not awareness.
The problem is delay.
Those tasks get pushed into “next quarter”, passed between teams, half-documented or quietly left to gather dust in a folder labelled “cyber review”. Claude Mythos makes that habit harder to ignore.
Anthropic’s Claude Mythos Preview has attracted attention because of its advanced cyber capabilities. The UK AI Security Institute evaluated the model and found that it showed significant improvement on capture-the-flag challenges and multi-step cyber-attack simulations. In controlled testing, where AISI explicitly directed the model and gave it network access, the model could carry out multi-stage attacks on vulnerable networks and discover and exploit vulnerabilities autonomously. (AI Security Institute)
That sounds dramatic. It is.
But for most organisations, the key issue is not whether Claude Mythos itself will attack them.
The better question is this:
If AI can find vulnerabilities faster, can your organisation show that it manages cyber and data protection risk quickly enough?
That is the accountability gap.
Claude Mythos is not just a hacking story
The public debate around Claude Mythos has focused on cyber capability. That makes sense. “AI can help find software vulnerabilities” is a more exciting headline than “please review your supplier register”, even though the second one is probably where the real trouble starts.
AISI reported that Claude Mythos Preview achieved a 73% success rate on expert-level capture-the-flag tasks. It also became the first model to complete “The Last Ones”, a 32-step simulated corporate network attack, succeeding from start to finish in 3 out of 10 attempts and completing an average of 22 out of 32 steps across all attempts. (AI Security Institute)
Why multi-step attacks matter
Real cyber incidents rarely happen in one clean step.
Attackers often move through a chain of activity: reconnaissance, access, privilege escalation, movement across systems and exploitation.
In plain English: they do not usually knock politely on the front door. They look for a loose window, climb in, find the keys, wander around and then everyone acts surprised that the security policy did not save them.
AI systems that can help connect those steps change the risk environment.
But Claude Mythos is not only a story about what attackers might do. It is also a story about what businesses may now need to prevent, detect, document and explain.
The old basics matter more, not less
It would be easy to treat advanced AI cyber capability as something so futuristic that normal organisations cannot do anything about it.
That would be convenient.
It would also be wrong.
AISI did not test Mythos against fully defended real-world systems. Its test environments lacked protections such as active defenders and defensive tooling. AISI therefore said it could not conclude that Mythos Preview could attack well-defended systems. (AI Security Institute)
Weak security is becoming easier to expose
AISI’s practical message was still clear: Mythos Preview can exploit systems with weak security posture, and more models with similar capabilities are likely to follow. AISI highlighted basic controls including regular security updates, robust access controls, secure configuration and comprehensive logging. (AI Security Institute)
So the lesson is not “buy a panic room for your servers”.
The lesson is this:
Weak security basics are becoming easier to find, easier to test and harder to excuse.
For many organisations, the biggest risk is not a science-fiction AI attack. It is much more ordinary:
- software that nobody patched;
- excessive admin access;
- old accounts that still work;
- suppliers with unclear security obligations;
- systems nobody owns;
- logs nobody checks;
- incident plans nobody has tested;
- policies that say the right thing while reality quietly does something else.
Claude Mythos does not create all of those weaknesses.
It makes them more exposed.
The real issue: can you evidence “appropriate security”?
This is where the data protection angle matters.
The UK GDPR requires organisations to process personal data securely using appropriate technical and organisational measures. The ICO explains that this security principle requires organisations to consider risk analysis, organisational policies, and physical and technical measures. (ICO)
That does not mean perfect security. No regulator expects a small business to defend itself like a national intelligence agency, which is merciful, because most organisations are still debating who owns the shared inbox.
But it does mean organisations must match their security measures to the risk.
“Appropriate” changes as the threat changes
The word appropriate matters.
As cyber capability changes, what counts as appropriate may also change.
If AI-assisted tools make it easier to discover and exploit weaknesses, organisations may need to ask whether their current arrangements still work.
Not in theory.
In evidence.
Can you show:
- what systems hold personal data;
- who has access;
- when teams last reviewed access;
- how quickly teams apply critical patches;
- which suppliers access or host personal data;
- what contracts say about cyber incidents;
- when your breach response plan was last tested;
- how teams escalate risks;
- who makes notification decisions;
- what records you keep?
The question after a breach is not only “what happened?”
After a personal data breach, regulators, customers, insurers and business partners may ask a second question:
What did you do before it happened?
That is where many organisations get uncomfortable.
Not because they did nothing, necessarily. Often, they did some of the right things. The problem is that nobody recorded them clearly, nobody owned them properly, or nobody checked whether they still worked.
That is the accountability gap in practice.
The overlooked issue: supplier risk
One of the most under-discussed issues with Claude Mythos is not just who can use AI to find vulnerabilities.
It is who benefits first when vulnerabilities are found.
Anthropic’s Project Glasswing gives selected organisations and critical software maintainers access to Claude Mythos Preview for defensive work. Anthropic describes the initiative as a way to secure critical software and give defenders a head start, with launch partners including AWS, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks. (Anthropic)
Most businesses will not get direct access to frontier AI tools
Project Glasswing may help improve widely used software. If major providers find and fix vulnerabilities earlier, many downstream users may benefit.
But most ordinary businesses will not use frontier AI security tools directly.
SMEs, charities, professional services firms and smaller regulated businesses usually depend on:
- software vendors;
- cloud providers;
- managed IT providers;
- payment platforms;
- HR systems;
- marketing platforms;
- outsourced processors;
- cyber security suppliers.
That creates a practical accountability problem.
If AI accelerates vulnerability discovery, businesses need to know whether their suppliers can respond quickly enough.
Supplier security is part of your accountability
It is no longer enough to assume “our provider deals with security”.
Organisations need to understand:
- which suppliers process or access personal data;
- whether contracts include appropriate security obligations;
- how quickly suppliers must report incidents;
- who applies updates;
- whether suppliers use sub-processors;
- what happens if a critical provider suffers a compromise;
- whether business continuity plans are realistic.
A supplier’s cyber weakness can trigger your personal data breach obligations.
That is the bit businesses need to sit with, preferably before signing another contract where the security schedule has been treated as decorative paperwork.
The defensive inequality problem
Claude Mythos also points to a wider issue: defensive inequality.
Large technology companies may use advanced AI to find and fix vulnerabilities. They have specialist teams, mature processes, direct access to frontier tools and budgets that do not immediately burst into flames when someone says “security testing”.
Smaller organisations usually do not.
They rely on vendors to fix problems, suppliers to notify them, IT providers to apply patches and internal teams to understand what all of that means for personal data.
SMEs do not need an AI cyber lab
Smaller organisations are not helpless.
But they do need good governance.
For SMEs, the priority is not building their own AI cyber lab. That would be absurdly expensive and, in most cases, about as proportionate as buying a submarine to cross a puddle.
The priority is making sure the basics are understood, documented and owned.
That means:
- keeping an up-to-date record of systems and suppliers;
- reviewing contracts with key processors;
- confirming who handles updates and patches;
- checking access controls regularly;
- maintaining breach response procedures;
- documenting key decisions;
- training staff;
- testing incident escalation.
This is where data protection governance becomes practical risk management, not just paperwork.
The dual-use dilemma
Claude Mythos also reminds us that AI cyber capability is dual-use.
The same technology that could help attackers find vulnerabilities can help defenders fix them.
Bruce Schneier, writing in The Guardian, argues that modern generative AI systems are becoming good at finding and exploiting software vulnerabilities, but defenders can also use those capabilities to identify and patch weaknesses. He points to Mozilla’s use of Mythos to find vulnerabilities in Firefox, which Mozilla then fixed. (The Guardian)
Attackers and defenders may not move at the same speed
AI may make software more secure in the long run. It could help developers spot weaknesses earlier, test systems more thoroughly and reduce the number of vulnerabilities that reach production.
But the short-term picture may be messier.
Attackers and defenders may both gain new capabilities, but not at the same speed. Some organisations will patch quickly. Others will not. Some suppliers will communicate clearly. Others will send vague emails titled “Important service update” and bury the terrifying bit in paragraph seven.
That is why governance matters.
The question is not only:
What can the AI do?
The better question is:
Who is responsible for managing the risk when AI changes the speed of the threat?
What businesses should do now
Claude Mythos should not push organisations into panic.
It should push them into action.
1. Map your systems and data
You cannot protect what you do not understand.
Organisations should know:
- what systems they use;
- what personal data they hold;
- where that data sits;
- who can access it;
- which suppliers are involved;
- which systems support critical services.
This should connect with your records of processing, supplier register, asset list and breach response process. If those things do not speak to each other, now is the time to fix that.
2. Review supplier contracts and security commitments
Supplier risk creates one of the biggest practical issues.
Businesses should check whether key contracts clearly cover:
- security standards;
- incident notification timescales;
- audit or assurance rights;
- use of sub-processors;
- patching responsibilities;
- business continuity;
- return or deletion of data;
- support with regulatory obligations.
The aim is not to turn every supplier relationship into a legal wrestling match. Tempting, but no.
The aim is to know where responsibility sits before something goes wrong.
3. Check patching and vulnerability management
If AI tools can find vulnerabilities faster, delays matter more.
Businesses should know:
- who applies updates;
- how teams prioritise critical patches;
- whether unsupported systems remain in use;
- how suppliers update managed systems;
- whether teams record patching decisions;
- who approves and reviews exceptions.
“Someone in IT probably sorts that” is not a control. It is a hope wearing a lanyard.
4. Tighten access controls
Access is one of the most common weak points.
Organisations should review:
- multi-factor authentication;
- admin privileges;
- shared accounts;
- leaver access;
- dormant users;
- supplier accounts;
- role-based permissions.
People should have the access they need, not the access they accidentally inherited during a project three reorganisations ago.
5. Test your breach response plan
A breach response plan only helps if people know how to use it.
Testing should cover:
- who identifies and escalates incidents;
- who assesses whether personal data is involved;
- who contacts suppliers;
- who decides whether the organisation must notify the ICO;
- who manages communications with affected individuals;
- who speaks to insurers;
- who keeps the decision log;
- who updates senior management.
A plan that nobody has tested is not a plan. It is decorative compliance.
6. Bring AI governance into the same conversation
Organisations cannot treat AI governance, cyber security and data protection as separate boxes.
If staff use AI tools to write code, review documents, analyse logs, summarise customer information, generate marketing content or automate workflows, organisations need clear rules.
That means:
- acceptable use policies;
- AI supplier due diligence;
- confidentiality controls;
- human review;
- records of AI use;
- risk assessments for higher-risk tools;
- clear accountability.
The issue is not just whether staff use AI.
It is whether anyone knows how, where, why and with what safeguards.
The Athlex view
Claude Mythos is not a reason for businesses to despair.
It is a reason to stop pretending that cyber security, data protection and AI governance are separate conversations.
They are not.
AI may change the speed at which vulnerabilities are found. It may change what attackers can do. It may also change what defenders can achieve.
But for most organisations, the immediate challenge is simpler:
Can you show that you understand your risks and have taken reasonable steps to manage them?
That is the accountability gap.
The practical lesson for ordinary businesses
Claude Mythos may be a frontier AI story, but the lesson for ordinary businesses is practical:
- know what data you hold;
- know where it sits;
- know who has access;
- know which suppliers matter;
- know how incidents are handled;
- know whether your controls actually work;
- document the decisions you make.
AI may be getting better at finding weaknesses.
Businesses need to get better at fixing them, and proving they did not ignore them.
At Athlex, we help organisations make data protection, AI governance and practical compliance easier to understand, easier to evidence and easier to maintain.
Because waiting until a vulnerability becomes a breach is not a strategy.
It is procrastination with consequences.