Cybersecurity

Cyber resilience was always the goal. Frontier AI makes it urgent

Hands on a keyboard as AI-powered tools change the cyber landscape.

Frontier AI models can now discover and exploit vulnerabilities continuously and at scale. Image: Unsplash

Alex Spokoiny
Chief Security and Trust Officer, Check Point Software Technologies
This article is part of: Centre for Cybersecurity
  • Frontier artificial intelligence models can discover and exploit vulnerabilities continuously and at scale, shifting cyber risk from episodic and manageable to persistent and expanding.
  • Attack timelines are shrinking dramatically and sophisticated capabilities are becoming widely accessible.
  • To ensure cyber resilience, organizations need the ability to detect, contain and continue operating when incidents occur.

It has been several weeks since Mythos – Anthropic’s new artificial intelligence (AI) model – changed the conversation. The company claims the tool can perform the most advanced cybersecurity tasks, prompting market volatility, vendor responses and a wave of analysis about what happened and why it matters.

Much of that analysis focused on the threats Mythos was designed to combat. However, the more important shift is not just an escalation of cyber risk – it is a structural shift in how cyber risk is created. The response, therefore, cannot be incremental. It must reflect a transformation in how attacks are built, scaled and executed.

Frontier AI changes how cyberattacks are created and scaled

Claude Mythos is the first widely confirmed AI system capable of finding and exploiting software vulnerabilities at scale. It can uncover serious, previously unknown flaws, called “zero-days,” in major systems and autonomously chain them together to bypass multiple layers of defence.

In simple terms, it functions like a zero-day factory, continuously discovering new cyberattack methods.

The key shift is the move to continuous, automated discovery. Vulnerability identification is becoming persistent and effectively unbounded. This challenges a long-standing assumption in cybersecurity: that exposure can be measured, prioritized and reduced over time. At machine scale, the backlog expands rather than contracts.

Mythos is part of a broader trend. Similar capabilities are emerging across commercial and open-source models, embedding offensive capability directly into software.

Attacks that once required highly specialized expertise are now more accessible. The constraint is shifting from expertise to access – to models, compute and intent – creating a more complex and harder-to-contain risk environment.

AI-driven threats are breaking traditional security models

Cybersecurity has traditionally relied on a set of working assumptions that attackers operated at human speed, sophisticated attacks required scarce expertise and defenders had time to patch, detect and respond.

Those conditions are changing.

AI-driven attacks compress timelines from days to minutes, while the gap between sophistication and scale continues to narrow. As advanced models become more accessible, barriers to entry continue to fall.

At the same time, vulnerability discovery is becoming continuous. Security models have long depended on the idea that exposures could be identified and reduced over time. In this environment, exposure persists and must be managed as an ongoing condition.

Building cyber resilience for the AI era

Prevention remains essential. Keeping attackers out is still the objective. However, as advanced offensive capabilities become more widely available, the probability of breach increases.

The window between intrusion and impact is also shrinking. Security now operates as a real-time system that must function continuously under pressure.

Organizations need the ability to detect, contain and continue operating when incidents occur. That is the foundation of cyber resilience.

Two priorities help guide this shift.

First, defence needs to operate at machine speed. Detection, triage and initial response increasingly need to happen without waiting for human intervention, as response windows narrow. The role of analysts is evolving toward supervising systems, investigating edge cases and making higher-impact decisions.

Second, organizations should plan for breach scenarios. Threats can originate from compromised endpoints, suppliers or development tools, making containment-focused architecture essential.

5 priorities for AI-era cyber resilience

To operationalize resilience in this environment, five priorities stand out:

  • Operate detection and response autonomously. Move Tier-1 triage to automated systems, close logging gaps and automate vulnerability and alert processing.
  • Eliminate fixed patch cycles. When vulnerabilities can be exploited within hours, remediation must be continuous. Virtual patching and compensating controls become core defence mechanisms.
  • Strengthen foundational security controls. Enforce least privilege, ensure full endpoint detection and response coverage and apply multi-factor authentication consistently. Govern AI tools and developer plugins with the same rigour as any software.
  • Secure the ecosystem. Suppliers should demonstrate how they address AI-driven threats. Without a credible plan, they introduce risk into a shared attack surface.
  • Protect the software development pipeline. Enforce strict access controls, eliminate secrets in code and secure developer environments as attackers increasingly target earlier stages.

Organizations are already seeing the operational impact. Vulnerabilities disclosed in the morning are scanned and probed globally within hours. At the same time, alert volumes are increasing, making it more difficult to separate signal from noise.

As both attack activity and telemetry scale, maintaining trust in detection becomes as important as detection itself.

The question now facing every organization

This shift extends beyond large enterprises. Mid-sized organizations, public-sector entities and small- and medium-sized enterprises are often more exposed, as scalable attack capabilities are applied more broadly.

Within a short time horizon, any externally exposed vulnerability of meaningful impact will be discovered and tested by AI, regardless of who identifies it first.

This dynamic is already taking shape.

The question for security leaders is whether their organizations are prepared to operate under these conditions.

Cyber resilience was always the goal. Frontier AI makes it urgent.

Have you read?
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Stay up to date:

Cybersecurity

Related topics:
Cybersecurity
Artificial Intelligence
Business
Share:
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
World Economic Forum logo

Forum Stories newsletter

Bringing you weekly curated insights and analysis on the global issues that matter.

Subscribe today

More on Cybersecurity
See all

Target-rich, cyber-poor: How to strengthen cybersecurity and build resilience in vulnerable sectors

Jason Ruger and Chiara Barbeschi

May 7, 2026

How AI could open up cybersecurity to a wider workforce

Empowering Defenders: AI for Cybersecurity

About us

More from the Forum

Engage with us

Quick links

Language editions

Privacy Policy & Terms of Service

Sitemap

© 2026 World Economic Forum