Scoop: CISA lacks access to Anthropic's Mythos
Add Axios as your preferred source to
see more of our stories on Google.
Nick Andersen, acting director of CISA, during a congressional hearing last week. Photo: Pete Kiehart/Bloomberg via Getty Images
The Cybersecurity and Infrastructure Security Agency doesn't have access to Anthropic's powerful new Mythos Preview model, even though some other government agencies are using it, two sources tell Axios.
Why it matters: The country's top cyber defense agency, tasked with helping to secure everything from banks to power plants, is being left behind at a time when the industries it works with are deeply concerned about AI-powered cyberattacks overwhelming their defenses.
- Anthropic decided against a public release of Mythos due to its unprecedented ability to quickly discover and exploit security vulnerabilities.
- Instead, Anthropic provided it to more than 40 companies and organizations who are now testing it and working to shore up their systems.
- CISA is not on that list, the sources say.
State of play: Earlier this month, an Anthropic official told Axios the company briefed CISA and the Commerce Department on Mythos' capabilities.
- The Commerce Department's Center for AI Standards and Innovation has reportedly been testing Mythos.
- The NSA is also among the organizations using Mythos, despite the Department of Defense, which oversees the agency, having declared Anthropic is a "supply chain risk."
- It's unclear if the ongoing turmoil within the agency during the second Trump administration played any role in the agency not moving more swiftly to secure access.
- Spokespeople for CISA and Anthropic declined to comment.
The big picture: The Trump administration has spent the last year reducing capacity at CISA, instead opting to give more policy influence to the White House's national cyber director and pushing some programs to the state and local level.
- CISA's acting director Nick Andersen told lawmakers last week that the agency's resources are "more limited than I would like."
- Trump proposed cutting as much as $707 million from the agency's budget in the upcoming fiscal year.
- CISA has already lost more than a third of its workforce and millions in funding.
Between the lines: National cyber director Sean Cairncross is among the Trump officials negotiating broader civilian agency access to Mythos.
- Treasury has also been negotiating access.
- Other organizations with access to Mythos have predominantly been using it to find exploitable security vulnerabilities in their own networks, sources tell Axios.
What to watch: Security teams at critical infrastructure organizations have often looked to CISA to share threat intelligence across their sectors and determine how to prioritize their security strategies.
