WASHINGTON — Amidst anxiety about Anthropic’s as yet unreleased Mythos model, whose much-hyped hacking ability has raised fears of a looming “bugmageddon,” two top Pentagon tech leaders said this morning they were optimistic that Mythos — and future models like it — could help cyber defenders even more.
“I hear a lot of people talking about challenges and threats when they talk about Mythos,” said Katherine Sutton, Assistant Secretary for Cyber Policy, told the SCSP AI+Expo this morning. “[But] there’s huge opportunity in these models. One of the foundational things that they’re going to enable is the development of secure code.”
As AI hacking tools proliferate, the current approach to cyber defense, which can only patch vulnerabilities “at human speed, in weeks to days,” is “no longer going to be acceptable,” she said. Mythos and its kin-to-come, by contrast, could find and fix bad code in “minutes to seconds,” she argued.
“Those vulnerabilities have always existed,” said Emil Michael, the Pentagon’s CTO and Under Secretary for Research and Engineering, following Sutton on the SCSP stage. “Now you can find them faster, and the good news is you can patch them faster.
“The bad news is you can exploit them faster,” he acknowledged. “So that creates a moment where it’s incumbent upon the country, not just the government, to harden the systems.”
The Defense Department and indeed the nation rely on a patchwork of often-antiquated software systems running sloppy, buggy code, Michael said. AI that can patch that code autonomously could finally dig America out of decades of accumulated tech debt, he argued —“and then you’ve really fast-forwarded what we should have been doing for the last 20 years.”
But the problem for the Pentagon, moderator David Sanger pointed out, is that Mythos is made by Anthropic, with which the administration is feuding. (The company is pursuing two parallel lawsuits against the government after President Donald Trump and Secretary Pete Hegseth banned federal use of Anthropic products in blistering social media posts. Michael himself had chimed in on X to call the company’s CEO “a liar [with] a God-complex.”)
Anthropic isn’t irreplaceable, Michael said this morning, and Mythos is just the first of many similar AI models to come.
“Mythos is really just an example of the upcoming evolution of cyber-capable models, just slightly ahead,” Michael said. “These kinds of cyber models … whether OpenAI’s or xAI’s, Google’s … will all come out in the next year or so [with] this exquisite cyber capability…. Ultimately, hopefully, they have mostly the same data, and they’re mostly going to converge.”
“This isn’t about this one single model,” Sutton agreed. However good Mythos may be today, she said, “in six months, there’s going to be something that is even better.”
“These models are coming one way or the other,” Michael said. “Thankfully, it’s the US companies that are that are ahead, not the Chinese ones.”
And while he said the Pentagon made the mistake of being over-reliant on Anthropic products, Michael went on, “never again will we be single-threaded with any one model.”
Proof of that, he said, is last week’s announcement that eight leading tech firms are getting their AI cleared to deploy on classified networks.
“These are US companies, or US champions,” Michael said. “This was a recognition that most of the industry, the vast majority of them, wants to do that with us.”