For more than a decade, financial institutions have managed cyber risk on a shared assumption. The skills needed to find serious software vulnerabilities and turn them into working attacks were scarce. That scarcity made exploitation expensive, slow and difficult to scale. As a result, patch cycles measured in weeks, and long‑standing risk exceptions, were seen as an acceptable trade‑off. That assumption no longer holds.
A frontier artificial intelligence model has demonstrated the ability to discover and chain zero‑day vulnerabilities at machine speed and at marginal cost. As this capability becomes more widely available, the patch service‑level agreements and accepted legacy risks that many firms quietly rely on will no longer stand up. Vulnerability management has therefore moved from a technical discipline to a board‑level operational resilience concern. We expect supervisors in the United Kingdom, the European Union and the United States to land in the same place.
This note is written for chief information security officers, chief information officers and risk committee chairs who need to explain to their boards what has changed, and what now needs to happen.
What triggered the shift
In early April 2026, the United States Treasury Secretary and the Chair of the Federal Reserve convened an unannounced emergency meeting with the chief executives of the largest globally systemically important US banks. The agenda was not interest rates, trade or geopolitics, but a single unreleased artificial intelligence model: Anthropic’s Claude Mythos Preview.
Within days, the Bank of England’s Cross Market Operational Resilience Group and its AI Taskforce were preparing briefings for UK banks, insurers and financial market infrastructures, alongside the Financial Conduct Authority, His Majesty’s Treasury and the National Cyber Security Centre.
A decade of vulnerability‑management programmes has relied on the belief that defenders would stay ahead because offensive capability remained scarce and patch windows held. That belief is now under pressure.
For boards, the key question is not what Mythos is. It is what its existence makes untenable. A decade of vulnerability‑management programmes has relied on the belief that defenders would stay ahead because offensive capability remained scarce and patch windows held. That belief is now under pressure.
What makes Mythos different
Anthropic has chosen not to release Mythos for general use because of its cyber capabilities. In weeks of internal testing, the model identified thousands of previously unknown vulnerabilities across every major operating system and web browser. This included a flaw in OpenBSD that had existed for twenty‑seven years. The model also demonstrated the ability to chain vulnerabilities into working privilege‑escalation and remote‑code‑execution exploits.
Access to Mythos has been tightly controlled through Project Glasswing and limited to around forty organisations. These reportedly include major technology providers and several globally systemically important banks testing the model for defensive use. Anthropic’s own evaluation flagged rare but high‑severity alignment failures and signs of situational awareness. This underlines an important point: containing such models is itself a control objective, not an assumption.
Why this breaks existing assumptions
Mythos is the first widely discussed frontier model that is both a world‑class defensive tool and a plausible weapon in the hands of a motivated adversary. For financial services, three assumptions that have underpinned vulnerability management for more than a decade break at the same time.
Discovery is no longer limited by human expertise: A single model can analyse millions of lines of code, generate hypotheses, build proofs of concept and reproduce them at machine speed and minimal marginal cost.
Exploitation is no longer limited by scarce talent: Chaining vulnerabilities into working exploits, once the preserve of elite red teams and nation‑state actors, is now demonstrated end to end by an artificial intelligence agent.
Patch cycles measured in weeks are no longer safe: As Mythos‑class capabilities spread, firms can no longer assume that compensating controls, segmentation or accepted legacy exceptions will hold for the time it takes to patch.
What this means in practice
Sector bodies in the United Kingdom, the European Union and globally are converging on the same conclusion: traditional approaches to vulnerability management no longer hold. The shift required is not incremental. It is structural.
The table below summarises how expectations are moving, drawing directly on guidance and sector advisories.
From traditional vulnerability management to the Mythos era
Capability area
Where most financial services firms are today
Where the Mythos era demands they be
Vulnerability prioritisation
CVSS‑led scoring; remediation service‑level agreements measured in weeks to months; known‑exploitable backlogs accepted as compliance debt.
Assume exploit logic on every finding; remediation measured in days to hours; automated triage; backlog treated as operational risk and reported to the board.
Perimeter and attack surface
Periodic external attack‑surface reviews; partial web application firewall coverage; legacy N‑5 and older platforms tolerated through exceptions.
Real‑time visibility of internet‑facing assets; modernised web application firewall and content delivery network edge; minimum N‑2 currency standard; internal deception tripwires.
Defend‑and‑detect posture
Detect, then remediate; security operations centre response measured in minutes; reliance on compensating controls.
Contain and block by default through segmentation, runtime application protection and pre‑authorised automated containment playbooks.
AI in the blue team
Ad‑hoc pilots; ungoverned developer use of AI coding tools; limited assurance over model outputs.
Production‑grade AI‑assisted triage, red‑teaming and secure‑coding support, with explicit guardrails aligned to the Cross Market Operational Resilience Group Shared Responsibility Model.
Collective defence
Intelligence sharing treated as reporting overhead; supplier assurance refreshed on annual cycles.
Financial Services Information Sharing and Analysis Center, Cross Market Operational Resilience Group and National Cyber Security Centre channels integrated into the control environment; third‑party tiering refreshed against AI‑era exposure.
This is why supervisors are reframing vulnerability management as an operational resilience issue. The test for boards and risk committees is no longer whether a programme exists, but whether its remediation speed, backlog and exception register would stand up to supervisory scrutiny today.
A ninety‑day agenda for boards
Based on what we see across the sector, five actions now matter most.
Clear the backlog: Known exploitable vulnerabilities should be addressed as a priority. The aim is to reduce avoidable exposure before Mythos‑class capabilities become more widespread.
Reframe prioritisation and service levels: Move beyond vulnerability scoring alone. Assume exploitability, compress service‑level agreements and report remediation speed and backlog as reliability indicators to the board.
Harden the perimeter and the interior: Modernise web application firewalls and content delivery networks, adopt a minimum N‑2 currency standard, strengthen segmentation, and deploy runtime protection and internal deception controls.
Deploy defensive artificial intelligence with clear governance: Introduce AI‑assisted triage, red‑teaming and secure‑coding support, aligned to regulatory expectations and the shared responsibility model.
Embed collective defence: Integrate Financial Services Information Sharing and Analysis Center, Cross Market Operational Resilience Group and National Cyber Security Centre channels into the control environment, and refresh third‑party tiering against AI‑era exposure.
The conversation we want to have
We see this shift as an operational resilience challenge, not a procurement exercise. Projective Group is already working with UK and EU financial institutions across three connected areas.
Strategy
Cyber‑risk and artificial intelligence‑risk assessments, and target operating model design for AI‑enabled vulnerability management, aligned to the Digital Operational Resilience Act, the Network and Information Systems Directive and Bank of England expectations.
Transformation
Vulnerability‑management redesign, segmentation and perimeter strengthening, exploit‑prevention uplift, and governed deployment of defensive artificial intelligence.
Assurance and regulatory engagement
Third‑party and supply‑chain tiering, artificial intelligence usage guardrails, and preparation for sector‑wide testing regimes under active consideration.
Supervisors are moving from monitoring to active engagement. Organisations that move early will help shape what regulators come to expect across the sector.
About Projective Group
Established in 2006, Projective Group is a leading financial services consultancy.
We are recognised across the European industry for turning complex challenges and emerging themes into clear, pragmatic solutions. With deep roots and trusted relationships in financial services, we bring hands-on expertise across key domains. We support the full journey of change: shaping strategy, delivering complex transformation or building long‑term capability through managed services, staffing and training. Our purpose is simple: to empower financial services to shape the future of wellbeing, prosperity, and innovation.
Sources:
[1] Bloomberg, Reuters, CNBC, Fortune and Financial Times reporting (April 2026) on the Treasury / Federal Reserve meeting with major US bank CEOs; Sullivan & Cromwell client memo, “Treasury Secretary and Federal Reserve Chair Warn Bank CEOs About Cybersecurity Risks Posed by Anthropic’s New AI Model” (April 2026).
[2] Anthropic, “Project Glasswing” and “Claude Mythos Preview” (April 2026), including Anthropic’s system card and Frontier Red Team technical report; Fortune (10 April 2026) on the 27-year-old OpenBSD vulnerability.
UK AI Security Institute evaluation of Mythos Preview (2026)
[3] FS-ISAC, Sector Risk Advisory: Preparing the Enterprise for AI-Enabled Vulnerability Discovery (2026)
CMORG AI Taskforce outputs — AI Baseline Guidance, Shared Responsibility Model, Strategic Risk Register 2025 v3
