Recently, Anthropic, a leading artificial intelligence (AI) firm, has opened the doors of its Project Glasswing to the European Union’s cybersecurity agency, ENISA. This initiative is pivotal in providing organizations with controlled early access to Mythos, an AI model designed specifically for identifying vulnerabilities in software.

The offer was confirmed by Laura Heuvinck, a spokesperson for ENISA, who stated on Monday that the agency is currently evaluating how this potential access will be structured, including the conditions attached. Heuvinck expressed, “They have invited us to have access and we are looking at the way the potential access would work – the conditions and so on.” This recent development was initially reported by Bloomberg earlier in the day, highlighting the significance of Anthropic’s move in the cybersecurity landscape.

Just two months prior, Anthropic announced the existence of Mythos Preview, stirring considerable excitement and activity within the cybersecurity domain. Mythos represents a fundamental advancement in the capability of generative AI models, empowering them to detect and exploit software vulnerabilities with unprecedented efficiency. This has raised alarms across various sectors about the potential misuse of such powerful tools, particularly as access could be granted to individuals with limited technical expertise.

For several months, Anthropic has withheld access to its Glasswing and Mythos offerings from institutions based in Europe, resulting in mounting pressure on the European Commission from lawmakers. This situation raised serious concerns regarding the continent’s vulnerability to cyber threats. In May, Henna Virkkunen, the Executive Vice President of the Commission, indicated that both public and private organizations would need to rely on “already-available advanced cyber tools” to scan for vulnerabilities in their systems.

Additionally, in mid-May, OpenAI, a competitor to Anthropic, announced it would provide the European Commission access to its new GPT-5.5-Cyber model, which possesses capabilities comparable to those of Mythos. The decision by OpenAI to restrict access to its advanced bug-hunting model has heightened the competitive tension surrounding these powerful AI tools.

As discussions regarding the utilization of the OpenAI model continue, it remains unclear which specific European agency will secure access. However, it is anticipated that the Commission’s nascent AI Office may gain the authority to demand access beginning in August, with ENISA also being a viable candidate for utilization.

Heuvinck indicated that ENISA is actively engaging with both Anthropic and OpenAI to finalize the access terms. Although she mentioned that both parties have conditions to meet, she refrained from disclosing specifics. Heuvinck added, “We hope to have some more news in the coming days or weeks.” A request for comment from Anthropic went unanswered.

The emergence of these AI models has sparked particular concern within the financial sector. Institutions such as the European Central Bank, the International Monetary Fund, and Germany’s financial regulator Bafin have all issued urgent warnings in recent weeks about the implications of sophisticated AI tools on cybersecurity.

Currently, European banks do not have access to Mythos. However, France-based Mistral has developed a competing model and is in talks with banks like BNP Paribas, aiming to provide essential tools to strengthen their cybersecurity defenses. Marc Camus, BNP’s Chief Information Officer, noted at a recent press conference that “the game changer is the speed at which we have to address vulnerabilities and the scale. There are lots of them discovered at once.” He emphasized the necessity for rigorous preparation in face of this challenge.

In conclusion, as Anthropic makes strides towards integrating its advanced AI capabilities into the European cybersecurity framework, the dynamics between regulatory bodies and AI firms will continue to evolve. The ongoing discussions among ENISA, Anthropic, and OpenAI reflect a crucial phase in balancing innovation with security in an increasingly digital world.