AI security leaders gather in Washington as risks mount—and Mythos raises the stakes

Welcome to Eye on AI, with AI reporter Sharon Goldman. In this edition: Top Republican pushes party to shun $300 million AI lobby…AI model scams are scary good….Anthropic’s new AI model sets off global alarms.

As Anthropic Mythos drove a fresh wave of headlines this week—highlighting both its advanced capabilities and how easily such systems could be misused—I made my way to a conference room just outside Washington, D.C. There, a cross-sector group of AI security practitioners, standards-setters, and policy experts had gathered to figure out what securing AI should actually look like.

Outside the industry, their acronyms—SANS, NIST, CoSAI, OWASP—may not mean much. Inside security, they help set the rules organizations around the world follow. But right now, those rules are struggling to keep up.

I had been invited to sit in on the discussion as organizations race to plug AI into everything—handing over sensitive data and critical workflows—even as those same systems are becoming more attractive targets for adversaries.

Leading the session was Rob van der Veer, chief AI officer at software platform Software Improvement Group and a founder of the AI Exchange at security community OWASP. Systems like Mythos, he said, are accelerating how quickly vulnerabilities can be discovered—and shifting the balance toward attackers.

“They show that weaknesses in AI systems can now be found faster and at scale—often before developers are aware of them,” he said. “This shifts the balance toward attackers and reduces the margin for error.” So far, concerns about Mythos have mostly focused on how good it and similar models are at finding so-called “zero-day” vulnerabilities in traditional software, but they can also discover vulnerabilities in the AI models and systems that enterprises are increasingly deploying across their organizations.

The problem is that most organizations aren’t ready to deal with most of the AI security concerns that are already clear and the emerging ones coming down the pike. There’s a growing need for practical guidance—how to identify AI-specific threats, and what to do about them. But the field remains fragmented, with overlapping frameworks, competing recommendations, and little agreement on where to start.

How to secure AI systems is still unsettled

Even some of the basics are still unsettled. What does it mean to measure whether an AI system is secure? How should that differ across use cases, infrastructure, or third-party tools versus underlying models? Should guidance focus on capabilities, or outcomes?

Gary McGraw, cofounder of the Berryville Institute of Machine Learning, pointed to a core gap: Today’s benchmarks tend to measure how well AI systems can perform security tasks—not how secure the systems themselves are.........

© Fortune