Amid concerns sparked by Mythos, the Pentagon’s cyber policy chief sees ‘huge opportunity’ with frontier AI models
Software vulnerabilities recently discovered by Anthropic’s new Claude Mythos Preview artificial intelligence model have raised alarms in the cybersecurity community, but a senior Pentagon official sounded upbeat Thursday about the benefits of frontier AI technology.
Mythos Preview, an unreleased frontier model with coding capability, reportedly found thousands of “high-severity” vulnerabilities that need to be fixed by the public and private sectors so that China or other adversaries can’t use similar technology to find and exploit them.
“As I hear a lot of people talking about challenges and threats when they talk about Mythos, I actually come at it from a very different perspective,” Katie Sutton, assistant secretary of defense for cyber policy, said at the AI+ Expo. “As an engineer and as somebody who works to develop tools and has over my career in this space, the first word that I see when I think of Mythos is actually ‘success,’ and it talks to one of the biggest initiatives that I’m going to be leading in the department is how do we leverage what is our number one competitive strength in the United States? And that’s our industry, and the fact that U.S. industry was able to rapidly innovate and develop such a powerful capability, not just with this model, but with its predecessors, and what’s going to be coming on afterwards from many of the other frontier models that we see. That’s really a huge success story, and there’s huge opportunity.”
She noted that frontier AI technology can be used to help develop more secure code.
“One of the challenges of cybersecurity is we’re largely patching vulnerabilities, which is getting after the fact that there are problems in the code. So having tools that are going to help us build that more robust code is a huge opportunity. There’s also huge opportunity to take these tools and be able to learn where our vulnerabilities are so that we can mitigate them and patch them,” Sutton said.
However, the U.S. will need to move to a less labor-intensive approach to fixing vulnerabilities, she noted.
Taking days or weeks to patch problems isn’t going to cut it, she suggested.
“That’s no longer going to be acceptable when we start thinking about needing to move to machine speed. We’re going to be talking about minutes to seconds. And there’s a lot of opportunity. I think industry is going to bring a lot to the table … to develop really robust and creative solutions to this,” Sutton said.
“The challenge from the Department of War is how do we implement that where we have a lot of tech debt and a lot of legacy systems? And that’s where we’re just gonna have to speed up how we get after some of those upgrades,” she added.
Pentagon CTO Emil Michael, speaking at the same conference, said Mythos is just an example of the upcoming evolution of “cyber-capable” AI models.
“I do think these models all tend to converge over time. When one [company] finds out that, hey, coding is a great business opportunity, the other ones start developing coding opportunities. When one figures out that cyber is another sort of vector of improvement, they’ll tend to do that,” he said.
“The Mythos moment is really a cyber moment, and it’s how is the U.S. government going to deal with cyber, how do we operationalize fixing things that need to be fixed? Because these models are coming one way or the other, and thankfully, the U.S. companies [are the ones] that are ahead, not the Chinese ones. But even if they weren’t, we’d be thinking about this coming from the adversary. How do we deal with this? And it will still be the same White House-driven approach of what do we do as a nation about these things?” Michael said.
The Pentagon earlier this year designated Anthropic a supply chain risk amid a dispute about restrictions on the department’s use of the company’s Claude products. Anthropic has taken the government to court over the ban.
