CISA does not have access to Anthropic's Mythos Preview, despite other U.S. agencies and many private organizations using it to locate and mend vulnerabilities. Mythos’s unprecedented ability to rapidly uncover security gaps has spurred unease about AI-driven cyber threats and left critical defense bodies somewhat exposed. Anthropic briefed CISA and the Commerce Department, while the NSA and other groups leverage Mythos; DoD has flagged Anthropic as a supply-chain risk. The shift of power and resources under the Trump administration has further strained CISA, raising questions about the country’s broader cyber-defensive capacity and coordination going forward.
Dive Deeper:
Anthropic distributed Mythos Preview to more than 40 companies and organizations for testing, with the goal of shoring up defenses by identifying exploitable vulnerabilities.
CISA has not been granted access, even though other federal entities and critical infrastructure partners are actively evaluating the model’s capabilities.
An Anthropic official told Axios that CISA and the Commerce Department were briefed on Mythos; the Commerce Department’s Center for AI Standards and Innovation is reportedly testing it, and the NSA is also using Mythos while DoD flags supply-chain risk concerns.
The political context shows the Trump administration reducing CISA’s capacity, arguing for more policy control via the White House’s national cyber director and shifting programs toward state and local levels, with budget cuts proposed and significant workforce losses already realized.
National cyber director Sean Cairncross and Treasury are among officials negotiating broader civilian access to Mythos, signaling an ongoing effort to balance defense needs with policy and security risk considerations.
Experts note that other organizations leverage Mythos to probe their own networks for vulnerabilities, highlighting a potential disparity in access that could affect coordinated threat intelligence and defense benchmarking.