SecurityScorecard CEO and Co-Founder Dr. Aleksandr Yampolskiy joined Yuka Royer on France 24 to discuss Anthropic’s Mythos model, noting that AI has compressed the time to respond to cyber threats, accelerated exploitation timelines, and made automation and collaboration essential for defense.
For defenders, the issue is not just more powerful AI. It is how that power compresses response time, forcing teams to rethink how they detect, prioritize, and fix risk.
“The time from discovering a vulnerability to exploiting it has accelerated exponentially,” Dr. Yampolskiy said.
What Does Anthropic’s Mythos Change in Cybersecurity? It Removes Time to React
Anthropic’s Mythos introduces a shift that security teams have not faced before. It combines deep analysis with execution speed, allowing vulnerabilities to move from discovery to exploitation almost instantly.
Yampolskiy pointed to a clear example. The model identified a flaw in 27-year-old software that had been tested repeatedly without success. No human researcher found it, raising questions about what other vulnerabilities have lived on for decades without raising alarm bells.
This change removes the practical window that security teams once depended on. Previously, organizations could detect a vulnerability, assess risk, and deploy a patch before attackers acted. That sequence is no longer reliable, Dr. Yampolskiy argued.
“Back in 2023, it could take five days to weaponize a vulnerability. With Mythos, that can happen in seconds,” Dr. Yampolskiy said.
It’s not that Mythos introduces a new type of risk, it intensifies an existing one. Attackers have always been able to exploit vulnerabilities quickly, but tools like Mythos increase the likelihood that they can do so consistently and at scale.
This forces organizations to rethink patching cycles, monitoring strategies, and escalation paths. Delays that once seemed manageable now create immediate exposure.
In practice, this means organizations can no longer assume they will have time to validate findings or stage responses before exploitation begins. Patching cycles, monitoring strategies, and escalation paths must become smarter, quicker and more automated to account for attackers acting immediately or even in parallel with discovery.
How AI-Enabled Attackers Move Faster Than Defenders
AI has shifted cybersecurity into a speed-driven contest where automation determines outcomes. Dr. Yampolskiy described this shift as comparable to the transition from horseback to automobiles. It increased how fast everything could move and forced every participant to adjust.
“We’re now seeing a new generation of attack and defense capabilities operating at unimaginable speed,” Dr. Yampolskiy said.
Human-led processes cannot match this pace, he argued. Security teams still rely on triage queues, manual validation, and staged responses. These steps introduce delays that attackers can now exploit in seconds.
With Mythos, organizations must act quickly to reduce reliance on human intervention during critical moments. Detection, prioritization, and response must happen automatically to remain effective.
How Organizations Should Respond to Mythos
The speed of AI-driven threats makes prevention alone insufficient. Dr. Yampolskiy noted that organizations in 2026 must assume that some attacks will succeed, and design systems to continue operating under pressure as a result.
“We will need to assume attackers will eventually get in, and design systems that are resilient from the start,” Dr. Yampolskiy said. “It may get worse before it gets better.”
This requires more than stronger defenses. It will push organizations to implement changes in how systems are built and maintained. Infrastructure must support continuous testing, rapid validation, and safe deployment of fixes without disrupting operations.
Third-Party Risk and Collaboration Define the New Reality
AI-driven threats extend beyond internal systems. Breaches increasingly stem from third-party vendors, partners, and service providers. SecurityScorecard research found that over 35% of breaches come from third parties, a figure that keeps growing each year. Mythos only amplifies that issue.
“You are only as secure as the weakest link in your ecosystem,” Dr. Yampolskiy said.
Even strong internal controls cannot prevent risk introduced through external relationships. This makes continuous monitoring of the broader ecosystem even more essential today than it was just last month.
SecurityScorecard addresses this challenge by providing organizations the ability to measure, monitor, and drive down third-party risk across the digital supply chain. With TITAN AI, organizations can identify issues outside their perimeter, act before they are exploited, and map threats to their specific context.
Dr. Yampolskiy also emphasized the need for stronger collaboration between government and corporations. Attackers share techniques and coordinate efforts, while defenders often operate in isolation.
“We will need much closer collaboration between the public and private sectors,” he said.
Governments, companies, and AI developers must work together to respond effectively. No single group has enough visibility or resources to address these threats alone.
Key Recommendations for Building Resilience with Mythos
- Assume vulnerabilities may be exploited immediately after discovery
- Replace manual workflows with automated detection and response
- Design systems to continue operating during an attack
- Enable fast and safe patching through continuous testing
- Monitor third-party risk as closely as internal systems
- Strengthen collaboration across public and private sectors
Learn how SecurityScorecard’s TITAN AI helps your team identify risks earlier, prioritize what matters, and respond before attackers act.
