AI Security Brief 7.2.26
Ep 6 | 7.2.26

Is the next frontier model your biggest threat or your best defender?

Transcript

Johnny Hand: So, is Mythos the endgame for cybersecurity?

Rob Bair: Mythos is just the beginning. [ Music ]

Johnny Hand: Welcome to AI Security Brief, where we're unpacking emerging AI threats, vulnerability research, and the strategic decisions security leaders are making right now. I'm Johnny Hand.

Dustin Childs: And I'm Dustin Childs. And, Johnny, we're on the road again. I just returned from Pwn2Own Berlin, where I saw a lot of exploitation that was really facilitated by artificial intelligence and different AI models. Well, at the same time, you had a chance to talk to Rob Bair from Anthropic and all things Mythos. So I'd love to hear more about your conversation with him.

Johnny Hand: Yeah, it was honestly a great conversation. And Rob really is the perfect person for this. As the Head of National Security Partnerships at Anthropic, he's had a storied career throughout the military, and one that is kind of a fun fact actually circled my military career where we both worked in cybersecurity and the US government. So we dug into Mythos. We dug into nation-state activity. It was very, very fun, very interesting, and I'm excited to jump right in.

Dustin Childs: Yeah, I'd love to hear more about it, especially because there's so much hype around Mythos, but I really want to get into beyond the hype and why it matters, and especially since the nation-state angle is a real and current threat and not theoretical in the least. We've already seen this happening in the wild.

Johnny Hand: Great. Let's dive in. Rob, one of the things I've been really excited to chat with you about is the fact that we both came through the Navy. We both have similar career paths, and we've been in and around each other for probably the last 20, 25 years. So tell me a little bit about your Navy career, how you got started, and then how that transcended into where you're working today.

Rob Bair: Yeah, I mean, I think I accidentally ended up in cybersecurity. So just like your son, Keegan, you know, I was a nuclear power-trained officer, spent my first five years on submarines, and then had a medical issue that wouldn't let me continue in the submarine force. And it turns out 2008 was not a great time to get out of the Navy and go get a job on Wall Street. So I ended up staying in the Navy and redesignating into, you know, a cyber-related field. And then went and worked on very early cyber capabilities at Special Operations Command, and then went to NSA and US Cyber Command, and kind of, like, stayed on the leading edge of integrating technology into operations. And so just led to a really awesome career. And I think, like, the background in nuclear power, just understanding, you know, how a nuclear reactor works. It's just understanding how electrons flow. It's a very, like, natural transition into cyber. So, you know, we overlapped with many of our shipmates, and so it was a great transition into cybersecurity.

Johnny Hand: Yeah. Yeah. It's really neat because we were in and around each other, like, pretty much most of our career, and never actually met, which was -- which was kind of funny. And I think I was joking with a friend the other day that the older you get, the smaller the world gets, and you realize that you know a lot more people than you realize. So one thing I want to hit on a little bit with your Navy career -- because we both came from an operations background, and I think that something that's missed, a lot of times we think, like, cybersecurity is this high technical space. But ultimately, like, with US Cyber Command, I was at Navy Cyber Defense Operations Command, kind of the forefront of what became US Tenth Fleet and then into US Cyber Command. And one of the best skills was translating into operations because a lot of folks didn't have that. So, did your Navy career in terms of your being an officer on the nuclear side, but then moving in, did that help you kind of make sense of the cyber world?

Rob Bair: Yeah, I mean, I think at the end of the day, it is all about operations. It's about translating the technology into some sort of business outcome. And, you know, the Navy, you know, we don't have profit and loss, but we have mission outcomes that, you know, you saw when you were working with the Navy SEALs. And I think it's just a really natural transition to get into that space. And I think the other thing that it made me realize is, like, we can always have the best technology. And the DoD or DoW, we got to spend a lot of money on toys and tech. But at the end of the day, it was about the people deploying the tools and tech. And so, like, I was really blessed throughout my career to have some really incredible people building out a security operations center or whatever it was. And we made tooling decisions and technology decisions. But, like, what we really emphasized was investing in our people. And I think the same is true in an AI-powered world where we are today.

Johnny Hand: I really love that because we often get really excited about the technology. And I've said for years is like, you can buy the best technology, you can have all the capabilities, but at the end of the day, if someone doesn't do the right thing, you're still left with the same result. So switching gears a little bit, you're in the national security space, focused with Anthropic, very exciting space to be. What are you seeing in terms of trends with enterprise companies that they're missing around AI, especially around the national security conversation?

Rob Bair: Yeah. I'm not sure about how broad the understanding is about how fast things are moving in the AI-enabled cyber world right now. In late September of last year, Anthropic published what we called publicly GTG-1002, which was a Chinese nation-state actor utilizing Claude to do a fully autonomous cyber kill chain against both public and private sector organizations. And I think maybe even internally and as a community, we were caught off guard by how quickly we went from, like, you know, script kiddies to folks using AI to write functional ransomware. And then all of a sudden, we were watching a nation-state pop relatively mature or very mature cyber organizations fully autonomously. And I think we're just seeing the beginning of that trend now, and that's just going to continue. And so, you know, our partnership is so important because now we're fighting, you know, a nation-state using AI -- with defensive AI. Yeah.

Johnny Hand: That's a good point because I think when we talk to a lot of organizations, they're excited about the potential of AI, but we also know that we have to defend at the speed of machine. And that that's a big change. Are you seeing cybercriminals, other nation-state organizations that are trying to leverage, you know, the technology that you're partnered with Anthropic in other ways?

Rob Bair: Yeah. I mean, so you'll see just, you know, a fully autonomous kill chain that a nation-state has the ability to do, like, you know, some mature organization with very experienced operators. But we're also seeing, you know, ransomware actors with, you know, previously no ability to code. They don't know how the code functions. They don't know how it works, but somehow they're able to sell fully functional ransomware on the dark web. And when the ransomware breaks, they're asking, you know, AI, "How do I fix this tool?" And so I think we'll just continue to see this proliferation as, you know, as a service threats. And so, you know, you have ransomware as a service. Now, are we going to have, you know, tooling as a service, you know, what it looks like from a nation-state perspective? And so I think, again, figuring out what the telemetry looks like, you have three decades of, you know, telemetry, you're doing bug bounty programs, finding zero days. I think figuring out how we integrate AI into defensive operations is the only way that we're going to stop, you know, future criminals and nation-states.

Johnny Hand: Yeah, and one of the things I love about the partnership is -- between TrendAI and Anthropic is that we're focused on tackling the most challenging things together. And there's always the conversation of, like, whenever you look at, like, what adversaries are doing, you know, what the threat is, how you tackle that. I think we have this idea that AI is this, like, easy button. But ultimately, like, you still need the skills of, you know, the defender, right? And I think what you're saying is that we actually upskill people with the technology versus just, you know, trusting the system.

Rob Bair: Yeah. I mean, we're a Frontier model company. You know, Anthropic is going to continue to develop the best models and attempt to get to AGI first. And we're going to provide you those advanced models for you to integrate into operations. And you have a large R&D staff, a large cybersecurity staff that can take those Frontier models. And to your point earlier about the Navy and operationalizing things, you're operationalizing them on decades of experience and then deploying them into enterprises, which, you know, as a Frontier company, we're -- that's not our focus today. And so our partnership is so important to reduce the attack surface and really block threats out in the wild.

Johnny Hand: Yeah, it's a great point. And, you know, we were talking about operationalizing. So when you're dealing with, you know, large enterprises, especially that are focused on, you know, fed and gov spaces, like, what is the message that you're taking to them? And, like, where are they at in their maturity? Like, how are they responding to AI threats, but also the AI innovation?

Rob Bair: Yeah. I mean, you know, having spent over two decades in government and working in the executive branch and in the military, I think, you know, you and I recognize that the government doesn't move as quickly as we need it to move, right? And so, you know, I was a part of the small team that wrote Executive Order 14028, which was improving the nation's cybersecurity after, you know, a series of events, which was, you know, Colonial Pipeline, JBS Foods, SolarWinds. And I think, at the time, in around 2020, 2021, we thought that SolarWinds was going to be this, like, once in an administration opportunity to get this executive order out and approved. And the hits just kept on coming. And still, as a federal government, I don't think we moved as quickly as we needed to move. That is pre-AI, right? Now, we're in this AI-enabled era. And I think the federal government and large enterprises are working to figure out, like, "How do we move quickly to keep up with this pace?" And there are a lot of promising signs, you know, on the horizon, that the US government is going to adopt things quickly, but it just takes time.

Johnny Hand: Yeah. Yeah, I always try to temper and understand, like, what's the appetite for change? Because if there's a good appetite, then you can actually enact really good, you know, policy and start moving that ball along. But you're right. I think that was one of -- my experiences as well was, you know, the idea that we know we need to move fast, but it's a big ship. It's hard to move it quickly. So that's always a big challenge. And so, kind of jumping into that conversation around the risks and, you know, the movement of the government in general and those things, let's pivot a little bit to the excitement and also the anxiety around Mythos. And this model that was released, and the partnerships around that. Can you give us a little bit about what Mythos is and maybe what it isn't that people are missing?

Rob Bair: Yeah, I mean, I -- look, Mythos is just the beginning when it comes to more cyber capable models. As a consequence of models being really good at coding and really good at software engineering, those are the same types of analytical skill sets that you need when you want to do cyber operations, right? And so to identify vulnerabilities and then identify exploits or chain together exploits to move forward in the kill chain process. I think we, as Frontier labs, will continue to see those capabilities increase. And so, you know, Mythos for us, we did not make the model generally available. Because we saw how skilled it was as a cyber operator and a vulnerability discovery engine. So we wanted to release that model in a way that was responsible. And we had safeguards built in. And so we looked across companies who had the ability to reduce the attack surface and had critical software that affected, you know, the most Americans to make their cybersecurity lives safer. And so, you know, as other Frontier labs and ourselves, we continue to develop more capable models in the cyber domain. I think the important thing is, is, you know, we developed the responsible scaling program, RSP, which is all about safety in models. And so we're going to need to make sure that we have safety and safeguards to identify incidents like GTG-1002 like we talked about earlier, and block those before they become a thing.

Johnny Hand: Yeah, you hit on a couple really interesting pieces. One is the discovery conversation. And I think, what everyone gets really excited about or, even anxious, around, you know, the Mythos conversation or these foundational, you know, tools is that, oh, there's an onslaught of, you know, of discovery that's coming. And, you know, it's interesting because when we talk about it, we -- you know, there's core tenets to a security program. And as good as discovery is, we want to find those things early. You know, that's part of the partnership that you're doing with, you know, with Mythos, is early discovery and notification. We've operated ZDI for over 20 years. And one of the things that we found is, you know, there's a large gap between discovery and actually remediating. And, I think that's the -- the message, right, is, like, "Hey, we're going to get really good, and we're going to see more and more discovery, but now we have to learn how to close the gap." Are you having those conversations around Mythos with, you know, in the national security space around the later part, which is not just the discovery, but the actual remediation?

Rob Bair: Yeah, that's a great point. And when, you know, you and I were in uniform, I think, you know, patching was always, you know, the bane of our existence, right, where you were tracking it on an Excel spreadsheet. But the vulnerabilities came at a pace which were unmanageable even at that time, right? We couldn't patch fast enough. And now, we're in this space where we're going to see probably tens of thousands of vulnerabilities in software. You know, we found bugs in software dating back, you know, like, almost 30 years, 27 years, 15 years, that pen testers and vulnerability researchers have been looking at forever, and they haven't found these bugs. Now, we're finding them. We're finding them at a speed that's unprecedented. And to your point, I think the difficult thing is now getting those vulnerabilities discovered, but then developing a patch for it, and then really getting that patch deployed to the end user. And so that's always been a bottleneck. And now we've even increased that bottleneck by, you know, finding vulnerabilities at a speed which we haven't seen in the past.

Johnny Hand: Yeah, there's an oncoming flood of discovery, right? But you hit on something earlier, around, you know, responsible, right? You talked about the responsible program. Can you expound a little bit on that and what that means for, you know, enterprises, and especially in the federal space?

Rob Bair: Yeah. I mean, look, responsible disclosure, like we're working closely with, you know, partners and vendors in the program. And we've also made generally available Claude Security, which allows companies to quickly scan code bases that are proprietary and find vulnerabilities in those and patch them. So, you know, we're an enabler of vendors and security providers to then go and help them fix, you know, vulnerabilities in their critical software. And so, you know, we want to work with vendors as closely as possible to say, like, "We'll give you the capability. You have to go and scan your software, fix those vulnerabilities, and then, you know, work with whether it's the federal government or the private sector to go and get those patches into the hands of the end user," which, again, is the most difficult thing.

Johnny Hand: Yeah, that's the life cycle that I think we don't often talk about. And I think anyone that's been in cybersecurity for years, especially with the speed and pace of AI, is, like, "I love the discovery pace. I want to understand, you know, as early as possible what bugs are out there and is there, you know, an attack path." But then we have to get to the real work. And the real work is the hardest part, which is like, "Can we patch these? Can we move in an environment and, like, you know, move to our production, get these applied, and work on that?" So the responsible disclosure is important. It's a good conversation. And then that allows the, you know, security operators to actually look at their environment, contextualize it, and say, "Okay. Right. Now, I have to do something about this."

Rob Bair: Yeah, I mean -- I think years ago, when we were in uniform, we talked about defense in depth. Like, that was, like, the whole thing in the Navy was defense in depth. And I think -- I mean, that being brilliant at the basics, one, which is, you know, figuring out how you patch. Still very, very important when it comes to preventing exploitation on your networks. And two, it's having partners like TrendAI and having the ability to either block proactively threats or detect things that are zero days. Like your research and development teams are doing today, like, that is still -- that still holds true today.

Johnny Hand: Yeah. I love that statement of, you know, being brilliant, right, at the basics. Because I think sometimes we feel like -- I normally, like, catalog most of what we do into the three categories of, like, people, processes, and technology. And we often think that there's going to be a technology that's just going to fix things, right? And so in this case, you know, we're talking about Mythos, and the discovery factor is, you know, exponentially increased. But we still have to get to the basics. We still have to be able to patch and remediate. And, being really, really good at the simple things, the core foundational items are really what sets you apart. From a security practitioner, maybe for security listener -- or leaders that are listening to this podcast, could you provide, like, one or two, you know, key takeaways, if you will, around Mythos and, like, how do you shore up and firm up your programs?

Rob Bair: Yeah. Look, again, like I said, Mythos is just the beginning. I think figuring out how you integrate Frontier models into your security program is extremely important, whether that's for, you know, vulnerability research or figuring out how you use agents to help you patch in a very efficient way. I think that's really important. I think understanding the speed at which things are happening, right? Like, we saw a step change function from, you know, Opus 4.6 to Mythos Preview in its ability to do cyber-related tasks. And you see other Frontier labs releasing models that are also step-changing capable. So I think just understanding the speed and where we're going to be potentially at the end of, you know, 2026, end of 2027 with AI-enabled tools, you need to start that integration now. And if you're not moving at the speed of AI and you haven't integrated into your SOCs yet, you know, a company that's rebranded to TrendAI after, you know, three decades in operation, I mean, that's pretty telling to me, like, where this field is going.

Johnny Hand: Right. So, Rob, as we wrap up today, we normally ask our guests, is there one key takeaway or one, maybe one thing that we didn't cover that you'd like to highlight and talk about?

Rob Bair: Yeah, I mean, I think, you know, Mythos Preview has been the topic of conversation since April 7, when we released it publicly. I think what we're missing in that conversation is actually integrating other Frontier models into your security posture, right? And so we released Claude Security that I mentioned earlier. So figuring out how you're going to operate in the world of AI with non-Mythos models is extremely important, right? And so we're making those models generally available so security practitioners can figure out how they're going to integrate into their workflows. And we would love to see that proliferate even more than it is today.

Johnny Hand: Yeah, there's an opportunity to use, you know, the bevy of tools to really level yourself up as a practitioner. [ Music ]

Dustin Childs: Well, Johnny, that was a really great discussion. And I really appreciated the part about the GTG-1002 disclosure. I mean, where you have a nation-state running a fully autonomous kill chain using a Frontier AI model. And that, to me, goes beyond just another threat report, and it's really a meaningful line being crossed.

Johnny Hand: Yeah. And it's a differentiated message with Mythos as well. And Rob actually hit it right on the head. He said, "You know, this isn't the end of cybersecurity. This is actually the ground floor." And that really reinforces what's always been true. And we have to understand that while discovery is getting faster, we still have to see discovery through remediation. And that's something that our TrendAI Zero Day Initiative team has been doing for over 20 years.

Dustin Childs: Yeah, and just like we saw at Pwn2Own Berlin, I mean, AI-enabled offense is certainly here, and it's going to stay. But it really just requires AI-enabled defense at scale to counteract that. That's one of the reasons that TrendAI has partnered with Anthropic to understand these Frontier models and to make sure that they meet operational deployment.

Johnny Hand: Yep. And a key takeaway for our listeners, if you haven't started integrating AI into your security operations centers or your security workflows, you have to start now. So I'd like to thank Rob Bair for such a great conversation. If you'd like to learn more about Rob and his work with Anthropic, or how to access additional resources related to our partnership, please see the show notes for those.

Dustin Childs: Yeah. We'll also link to an on-demand webinar Johnny and I delivered on how Mythos raises the stakes for cybersecurity, plus links to nation-state and AI-related threat research. So go check those out.

Johnny Hand: And that does it for another episode of AI Security Brief. We want to thank you for joining us. Our goal is to host conversations that have you thinking differently about security. And if it does, consider subscribing so you don't miss what's next.

Dustin Childs: AI Security Brief is mixed and produced by Elliott Peltzman, with original music by Amneajynx. Our executive producer is Jennifer Eiben, with content strategy by Ma'ayan Plaut and Melanie Gallant. Additional production help by Liz Stokes. Video editing by Sarelle Joppy and Brigitte Criqui-Wild.

Johnny Hand: Thank you so much for listening, and we'll see you next time on AI Security Brief. [ Music ]