CISA Lacks Access to Anthropic's Security AI Model as Other Agencies Use It for Testing
Similar Articles
NSA Using Anthropic's Mythos AI for Security Vulnerability Scanning
White House Developing Guidance to Ease Government Use of Anthropic AI Models
U.S. Cyber Command to Deploy Top AI Models for Cyber Operations
AI Firms Brief Congress on Advanced Cybersecurity Models and Risks
New AI Models Show Advanced Cybersecurity Capabilities in UK Safety Tests
The Cybersecurity and Infrastructure Security Agency (CISA) does not have access to Anthropic's Mythos Preview model, a specialized AI for finding security vulnerabilities, according to sources. Other government agencies, including the National Security Agency (NSA) and the Commerce Department, are reportedly using the model to test their own systems. This comes as CISA faces significant budget and workforce reductions under the current administration.
Facts First
- CISA lacks access to Anthropic's Mythos Preview model, according to sources, while other agencies like the NSA and Commerce are using it.
- Anthropic decided against a public release of Mythos due to its ability to quickly discover and exploit security vulnerabilities.
- The model has been provided to over 40 companies and organizations for testing and system fortification.
- CISA has lost more than a third of its workforce and millions in funding, with the acting director stating resources are "more limited than I would like."
- The Department of Defense has declared Anthropic a "supply chain risk," and national cyber director Sean Cairncross is negotiating broader civilian agency access to Mythos.
What Happened
The Cybersecurity and Infrastructure Security Agency (CISA) does not have access to Anthropic's Mythos Preview model, according to sources. Some other government agencies, including the National Security Agency (NSA) and the Commerce Department's Center for AI Standards and Innovation, are reportedly using the model. Anthropic decided against a public release of Mythos due to its ability to quickly discover and exploit security vulnerabilities and has provided it to more than 40 companies and organizations for testing. An Anthropic official stated the company briefed CISA and the Commerce Department on the model's capabilities earlier this month.
Why this Matters to You
The security of government networks and critical infrastructure directly impacts national safety and the protection of citizens' data. A key agency tasked with defending these systems may lack a tool that other parts of the government are using to find and fix vulnerabilities before they can be exploited. This situation could affect the overall resilience of systems you rely on for services, financial security, and personal information protection. The ongoing negotiations for broader access suggest this gap may be addressed.
What's Next
National cyber director Sean Cairncross is among the officials negotiating broader civilian agency access to Mythos, with the Treasury Department also involved in talks. Organizations with access have predominantly been using the model to find vulnerabilities in their own networks. The future of CISA's capacity may be influenced by budget proposals, as the current administration has proposed cutting as much as $707 million from the agency's budget for the upcoming fiscal year.