
Cyber Defense in the world of Mythos

A Best Practices Guide for Defending Against Accelerated Vulnerability Discovery and Exploitation

A step change in cybersecurity

The cybersecurity landscape has always been shaped by the tools available to both defenders and attackers. In recent years, the advantage of scale belonged to the criminals: automated scanning tools, credential marketplaces and ransomware-as-a-service platforms allowed threat actors to operate at industrial volume with relatively modest technical skill. That dynamic could soon be amplified by a new category of frontier artificial intelligence models. The implications for organizations deserve serious attention.

Frontier AI models are large-scale systems trained on vast datasets to perform complex tasks across domains. Their capabilities in reasoning, pattern recognition and code generation have made them transformative tools for legitimate uses in medicine, science and business. They have also attracted serious concern from the security community and from the organizations building them because of what those same capabilities mean in the context of cybersecurity.

Claude Mythos and the Glasswing initiative

The model at the center of this concern is Claude Mythos, developed by Anthropic. Mythos is a frontier AI system that has demonstrated exceptional capability in cybersecurity-specific tasks, including the identification and exploitation of software vulnerabilities. Its performance in these areas is notable enough that Anthropic took an unusually cautious approach to its distribution.

Rather than releasing Mythos broadly, Anthropic made it available only to a small, vetted group of organizations through a controlled access program called Project Glasswing. The underlying concern is clear: in the wrong hands, a model with Mythos’ capabilities could meaningfully lower the barrier to conducting sophisticated cyberattacks.

Where we are today (June 2026)

For now, Travelers has not seen evidence of any significant recent change in threat actors’ ability to locate or exploit vulnerabilities. While ransomware activity has risen substantially, we attribute this trend to factors that are either unrelated to AI tools or moderately influenced by them. With the tools and marketplaces already at their disposal, threat actors have ample access to exploitable targets. If, however, an AI model that approaches the capability of Mythos were to become available to threat actors, three overlapping changes could upend this status quo:

  1. Vulnerabilities could be found by threat actors that were previously unknown to researchers or security teams, leading to an increase in “zero-day” exploits (those in which exploitation occurs before a patch has been issued to fix the vulnerability).
  2. Threat actors could use automation to bring down the cost, in time and resources, of exploiting certain types of vulnerabilities, leading to an increase in attacks on known vulnerabilities that didn’t make economic sense before.
  3. When vulnerabilities are discovered by researchers and published on the Common Vulnerabilities and Exposures (CVE) database, the window of time between publication and active exploitation could shrink, giving organizations less time to react when information is published.

The good news is that since we are not yet seeing strong evidence of these kinds of changes, organizations have an opportunity to make changes now to harden their systems and improve procedures.

Recommendations for what organizations should do now

The following recommendations are drawn from Travelers’ ongoing analysis of cyber claims, threat intelligence and incident response data. They are prioritized based on their return on investment against the threat environment described above.

Accelerate patch management

Patch management has always been important. In an AI-accelerated threat environment, the timeline for applying critical patches must be treated as a hard operational deadline, not a best-effort target.

  • Establish a formal patch management policy that defines response times by severity, addressing critical vulnerabilities within 72 hours of release and all others on a defined monthly cycle.
  • Prioritize internet-facing systems, particularly virtual private networks (VPNs), firewalls and remote access infrastructure. As documented in Travelers’ recent Cyber Threat Reports, these have become the dominant initial access vector for ransomware groups.
  • Automate patch deployment where possible to reduce the dependency on manual processes and ensure accountability by assigning patch compliance ownership to a specific individual or team.
  • Track patch compliance rates and report them to leadership. If your organization does not currently know what percentage of its systems are running current patches, that is a significant risk indicator.
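
One way to turn the policy above into a number leadership can track, shown as an added example that is not part of the original guide: it scores each patch against the 72-hour critical window and builds a triage queue with internet-facing systems first. The inventory records, host names and the 30-day reading of "monthly cycle" are assumptions made for the example.

```python
from datetime import datetime, timedelta

CRITICAL_SLA = timedelta(hours=72)  # the guide's window for critical vulnerabilities
ROUTINE_SLA = timedelta(days=30)    # assumption: "monthly cycle" modelled as 30 days

# Constructed sample inventory: one record per host and released patch.
PATCHES = [
    {"host": "vpn-gw-1", "internet_facing": True, "severity": "critical",
     "released": "2026-06-01T00:00:00+00:00", "applied": "2026-06-02T12:00:00+00:00"},
    {"host": "fw-edge-1", "internet_facing": True, "severity": "critical",
     "released": "2026-06-01T00:00:00+00:00", "applied": None},
    {"host": "hr-app-1", "internet_facing": False, "severity": "critical",
     "released": "2026-06-01T00:00:00+00:00", "applied": "2026-06-06T00:00:00+00:00"},
    {"host": "file-srv-1", "internet_facing": False, "severity": "high",
     "released": "2026-05-01T00:00:00+00:00", "applied": None},
    {"host": "build-1", "internet_facing": False, "severity": "medium",
     "released": "2026-06-05T00:00:00+00:00", "applied": None},
]
NOW = datetime.fromisoformat("2026-06-10T00:00:00+00:00")  # fixed so results are stable


def classify(patch, now):
    """Return (status, deadline); status is on_time, late, overdue or pending."""
    sla = CRITICAL_SLA if patch["severity"] == "critical" else ROUTINE_SLA
    due = datetime.fromisoformat(patch["released"]) + sla
    if patch["applied"]:
        applied = datetime.fromisoformat(patch["applied"])
        return ("on_time" if applied <= due else "late"), due
    return ("overdue" if now > due else "pending"), due


def report(patches, now):
    """Compliance rate over patches whose outcome is known, plus a triage queue."""
    on_time, decided, queue = 0, 0, []
    for p in patches:
        status, due = classify(p, now)
        if status == "pending":
            continue  # still inside its window: neither a pass nor a breach yet
        decided += 1
        on_time += status == "on_time"
        if status == "overdue":
            hours = (now - due).total_seconds() / 3600
            queue.append((p["host"], p["severity"], p["internet_facing"], round(hours)))
    # Internet-facing first, then critical, then longest overdue.
    queue.sort(key=lambda q: (not q[2], q[1] != "critical", -q[3]))
    rate = 100.0 * on_time / decided if decided else 100.0
    return rate, queue


if __name__ == "__main__":
    rate, queue = report(PATCHES, NOW)
    print(f"SLA compliance: {rate:.0f}%")
    for host, sev, exposed, hours in queue:
        print(f"OVERDUE {host} severity={sev} internet_facing={exposed} {hours}h late")
```

A patch applied after its deadline counts against the compliance rate even though it no longer appears in the overdue queue, so the reported figure reflects missed deadlines rather than only what is still open.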

Deploy Managed Detection and Response (MDR) capabilities

As attackers move faster, the ability to detect and respond to threats in real time becomes more critical. Organizations that rely on periodic review of security logs are operating on a timeline that no longer matches the threat environment.

  • Implement an MDR solution that provides 24x7x365 active monitoring of your environment. MDR providers combine automated detection technology with human analysts who can investigate and respond to alerts around the clock.
  • Ensure your MDR solution includes endpoint detection and response (EDR) capabilities. EDR tools monitor device-level activity and can identify malicious behavior such as lateral movement or credential harvesting that may not be visible at the network level alone.
  • Use your EDR to its fullest extent. Some organizations spend good money on an EDR tool and then do not enable automated containment and response capabilities, choosing instead to have humans responsible for all responses. This approach will prove too slow as attackers begin to more fully automate their attacks.
  • Evaluate your MDR provider’s mean time to detect (MTTD) and mean time to respond (MTTR) against your own risk tolerance. In the current environment, minutes matter.
  • Make sure your MDR service has the necessary visibility into your remote access technologies. VPN and Secure Sockets Layer (SSL) VPN systems are high-value targets and should be part of any comprehensive monitoring program.

Harden authentication across the organization

A significant share of successful attacks, including many of the campaigns targeting VPNs, exploit weak or default credentials. Robust authentication controls remain one of the highest-return security investments an organization can make.

  • Require phishing-resistant multi-factor authentication (MFA) on all remote access points, email and administrative accounts. Short Message Service (SMS)-based MFA provides limited protection and should be replaced with an authenticator app or hardware key wherever possible.
  • Audit for default credentials across your environment on a regular basis, with particular attention to any systems that have recently been updated, upgraded or newly deployed. Failure to reset default administrative passwords following upgrades was a significant factor in recent attack campaigns.
  • Consider certificate-based device verification as a “third factor” for your most sensitive systems, requiring not just a password and one-time code, but confirmation that the connecting device is an approved organizational asset.

Maintain resilient backups and a tested recovery plan

Ransomware groups have increasingly targeted and destroyed backup systems before deploying encryption. This eliminates the victim’s ability to recover without paying. Resilient backups that follow the pattern below are a critical hedge against worst-case scenarios.

  • Follow the 3-2-1 backup rule: maintain at least three copies of data, on two different types of media, with one copy stored offsite or in an air-gapped environment that cannot be reached from your primary network.
  • Test your recovery process regularly. A backup that has never been successfully restored is not a backup you can rely on during an incident.
  • Document and rehearse your business continuity and disaster recovery plan so that key personnel know their roles before a crisis occurs, not during it.

Update and test your incident response plan for AI scenarios

An effective incident response plan defines, in advance, how your organization will detect, contain and recover from a breach. Updating that plan to account for AI-related scenarios does not require starting over – you can add specific playbook entries for the new attack patterns AI introduces.

  • Add a specific playbook for AI tool compromise. If an attacker gains access to an account with access to an AI productivity tool, the response should include immediate revocation of that tool’s permissions, an audit of what the tool accessed during the window of compromise and an assessment of what data may have been exfiltrated using the tool’s capabilities.
  • Add a prompt injection scenario to your playbook covering how an attacker could manipulate agentic AI tools by injecting malicious instructions into content that is uploaded to them. The response steps should define how to detect anomalous AI tool activity and revoke autonomous action capabilities during an active incident.
  • Update your communications and escalation procedures to account for the faster pace of AI-assisted attacks, where compressed dwell times and amplified damage demand immediate action. Response teams need clear, pre-authorized escalation paths that allow containment without extended approval chains.
  • Ensure your plan addresses deepfake-enabled social engineering, as attackers increasingly use AI-generated voices and video to impersonate executives in ways that bypass standard verification. Define out-of-band verification procedures for any request involving financial transactions, credential changes or system access through unusual channels, even when the requester appears visually or audibly authentic.

Assess vendor and supply chain exposure

AI-assisted vulnerability discovery does not only affect your own systems. Supply chain attacks, where threat actors exploit a vendor’s software to reach its customers downstream, represent a growing share of cyber incidents.

  • Review the patch management and security posture of your most critical third-party software vendors. Ask specifically about their response times for critical vulnerability disclosures.
  • Understand what system access your third-party vendors and service providers have, and whether that access is appropriately controlled and monitored.
  • Consider requiring a Software Bill of Materials (SBOM) from vendors of critical software so that your team can quickly assess your exposure when a vulnerability in a specific component is disclosed.
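
The SBOM lookup described in the last item, as an added example that is not part of the original guide: given vendor SBOMs in CycloneDX JSON form, it lists every product that ships a copy of a named component older than the fixed version, including copies bundled inside another dependency. The vendor, product and component names are constructed, and matching by name with a simplified numeric version comparison is an assumption; production matching would normally key on package URLs.

```python
import re

# Constructed CycloneDX-style SBOMs (already parsed from JSON), one per vendor
# product. All product and component names here are made up for the example.
SBOMS = [
    {"bomFormat": "CycloneDX", "specVersion": "1.5",
     "metadata": {"component": {"name": "acme-transfer", "version": "4.2.0"}},
     "components": [
         {"type": "library", "name": "examplelib", "version": "2.17.0"},
         {"type": "framework", "name": "webkit-x", "version": "1.0.0",
          "components": [  # copy bundled inside another dependency
              {"type": "library", "name": "examplelib", "version": "2.14.1"}]},
     ]},
    {"bomFormat": "CycloneDX", "specVersion": "1.5",
     "metadata": {"component": {"name": "northwind-crm", "version": "9.1"}},
     "components": [{"type": "library", "name": "ExampleLib", "version": "2.9"}]},
    {"bomFormat": "CycloneDX", "specVersion": "1.5",
     "metadata": {"component": {"name": "contoso-portal", "version": "3.0"}},
     "components": [{"type": "library", "name": "examplelib", "version": "2.17"}]},
]


def version_key(version):
    """Dotted version -> comparable tuple; pre-release/build suffixes are ignored."""
    nums = [int(n) for n in re.findall(r"\d+", re.split(r"[-+]", version)[0])]
    while nums and nums[-1] == 0:  # so that 2.17 and 2.17.0 compare equal
        nums.pop()
    return tuple(nums)  # unparseable -> (), which sorts lowest and gets flagged


def walk(components, path=()):
    """Yield (component, parent path) for every component, nested ones included."""
    for comp in components or []:
        yield comp, path
        yield from walk(comp.get("components"), path + (comp.get("name", "?"),))


def exposure(sboms, component, fixed_version):
    """Return (product, product version, found version, via) per vulnerable copy."""
    hits = []
    for bom in sboms:
        product = bom.get("metadata", {}).get("component", {})
        for comp, path in walk(bom.get("components")):
            if comp.get("name", "").lower() != component.lower():
                continue
            if version_key(comp.get("version", "")) < version_key(fixed_version):
                hits.append((product.get("name"), product.get("version"),
                             comp.get("version"), "/".join(path) or "direct"))
    return hits


if __name__ == "__main__":
    for hit in exposure(SBOMS, "examplelib", "2.17.0"):
        print("AFFECTED product=%s %s component_version=%s via=%s" % hit)
```

In the sample data the first product declares a fixed top-level copy but still carries an older copy inside another dependency, which is the case a check of top-level components alone would miss.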

Govern AI usage within your organization

The rapid adoption of AI tools within organizations is expanding the attack surface in ways that are only beginning to be understood. Unfortunately, frameworks built to govern conventional software can’t be easily applied, because they don’t consider the broad, open-ended possibilities of AI use – or the fact that AI outputs can vary widely even with similar instructions. There are many special considerations to include in AI governance.

  • Establish a clear policy governing AI tools: which tools employees are permitted to use and what categories of organizational data may be entered into those tools. Unofficial “shadow IT” AI usage is a significant and often underestimated risk.
  • Limit the permissions granted to AI tools integrated into your workflows. Tools should not be permitted to act fully autonomously in high-risk business or security tasks without human review.
  • Assess the AI tools in use at your organization against a rubric of three risk factors: access to private data, exposure to untrusted instructions and ability to act autonomously. Eliminating at least one of these factors from any tool will significantly reduce its risk profile.

Adopt a Secure Development Lifecycle (SDL)

A Secure Development Lifecycle is a set of practices that embed security review into every phase of how software is designed, built, tested and deployed. For organizations that develop their own software or manage custom applications, an SDL is among the highest-return investments available.

  • Conduct threat modeling at the design stage, before a line of code is written, to identify assets, attack vectors, and required controls from the start. This prevents the far more expensive process of retrofitting security into a deployed system.
  • Integrate static application security testing (SAST) tools directly into your development pipeline so that code is automatically scanned for known vulnerability patterns before it is merged or deployed. These tools are widely available and can catch a significant share of common flaws such as injection vulnerabilities and insecure authentication logic without requiring manual review of every commit.
  • Add dynamic application security testing (DAST) for actively running applications, which probes them the way an attacker would from the outside to find exploitable behaviors that SAST cannot catch. Both approaches address different vulnerability classes and are most effective when used together.
  • Require security-focused code reviews for any code that handles authentication, authorization, data storage, or external communications. These are the areas where exploitable flaws cause the most damage, and where the investment in additional review has the highest return.

Establish a vulnerability disclosure and response process

If an organization develops software, or even if it makes use of file transfer software or other public-facing network infrastructure, then it’s important to have a process for taking in vulnerability reports. Security researchers, customers, and employees may discover vulnerabilities in your systems before attackers do, so having a clear, well-publicized process for receiving and acting on those reports turns a potential liability into a defensive advantage. Organizations without a defined disclosure process risk having researchers bypass them entirely or, worse, publish findings publicly before a fix is available.

  • Publish a coordinated vulnerability disclosure (CVD) policy that gives researchers a clear point of contact, an acknowledgment timeline and a commitment to act on valid reports within a defined window. This signals to the security community that your organization takes these reports seriously and is worth engaging with.
  • Define a clear ownership model for vulnerability response so that triaging, remediation assignment and status reporting to leadership are never improvised. This structure becomes increasingly critical as the volume and pace of vulnerability disclosures continue to grow.
  • Consider a structured bug bounty program if your organization develops software used by external parties. Bug bounties incentivize researchers to report vulnerabilities to you rather than selling them elsewhere, and they provide an ongoing, adversarial test of your systems’ security that internal teams alone cannot replicate.

Travelers Cyber Risk Services

For additional questions, please reach out to the Travelers Cyber Risk Services team at cyberservices@travelers.com to request their new AI Risk Assessment Service.