The Security Conversation Your Board Needs to Have This Quarter | Part 3
What the Claude Mythos Findings Mean for Organisational Risk — Without the Technical Scaffolding
Parts 1 and 2 of this series were written for security practitioners. This one is written for the people who commission security programmes, sit on risk committees, and ask the questions that determine whether those programmes are fit for purpose.
You do not need to understand how AI finds vulnerabilities in code. You do need to understand what changed last week, why it changes the risk conversation, and what you should expect your security leadership to be doing about it.
What Happened — The Version That Matters for Business Leaders
An AI system called Claude Mythos Preview, developed by the US company Anthropic, autonomously discovered tens of thousands of previously unknown security flaws across operating systems and software that most large organisations rely on. Some of these flaws had existed, undetected, for up to 27 years. The AI found them overnight, without specialist human involvement, and developed working attack code to exploit them.
Anthropic has restricted access to the model. They will not release it publicly. But they have stated that comparable capability is likely to be available from other AI providers within 6 to 18 months. Some of those providers will have less rigorous access controls. Some will have adversaries as customers.
That is the business reality. Everything that follows is about what it means for how you govern and resource your organisation’s security.
Why This Is Not Another “AI Changes Everything” Announcement
Security vendors have been forecasting AI-driven threats for years. Boards are accustomed to treating those forecasts as background noise, because most were about potential rather than demonstrated capability.
This is different in a specific way: these are not predictions. Mythos found a 17-year-old flaw in a widely deployed network file system and built an attack that grants unauthenticated administrative access — it did that, last week, in a documented, verifiable test. It found a 27-year-old vulnerability in the operating system widely regarded as the most rigorously security-reviewed in the world. The findings are a matter of public record in Anthropic’s system card.
The other difference: these offensive capabilities were not deliberately built. They emerged as a side effect of making the AI better at understanding code. That matters because it means no AI developer can credibly promise to train them out. The capability grows with general model intelligence, regardless of intent.
The Three Business Risks to Have on Your Register
Your People Are the Most Immediately Vulnerable Asset
The most immediate risk is not a sophisticated technical attack on your infrastructure. It is a phone call, an email, or a video message that convincingly impersonates someone your employees trust.
AI-generated deepfakes targeting financial institution employees increased by 243% last year. These are not crude fakes with obvious tells — they are sufficiently convincing that experienced professionals have authorised significant transactions on the basis of them. If your organisation processes high-value financial transactions, has employees in positions of authority over payments or data access, or operates in sectors that have historically been targeted by fraud, this is your most pressing near-term exposure.
Your Software Has Vulnerabilities Your Security Team Has Not Found
Every organisation runs on software. Some of it is current. Much of it is not — middleware that predates the current security team, custom integrations built for a previous technology generation, APIs that are technically internal but reachable from the network. The age of that software, and the fact that it has never been breached, has historically been used to justify lower testing priority. That justification no longer holds. An AI system finding 27-year-old vulnerabilities in the most carefully reviewed codebases in the world is a direct challenge to any risk assessment based on “if it were vulnerable, someone would have found it by now.”
The Security Programme You Are Funding May Be Calibrated for Last Year’s Threat
Penetration testing, incident response planning, and security awareness training were all designed and priced against human-operated threats operating at human speed. Last year, a state-sponsored AI campaign against 30 organisations executed the vast majority of its operation automatically, with human decision points at only 4 to 6 junctures in the entire chain. If your incident response programme assumes you have hours to detect and days to respond, it was not designed for that operating environment.

THE WINDOW FOR PREPARATION IS SPECIFIC
Anthropic estimates 6–18 months before comparable AI capabilities are available elsewhere. Some of that capability will reach adversaries. Organisations that use this window to close the gaps in legacy exposure, testing coverage, and response speed will be in a materially different position from those that treat this as background noise until something goes wrong. The cost of preparation now is a fraction of the cost of response later.
What We Recommend — and What Good Looks Like
We are not going to list five services with a contact form. We will say this: the organisations that respond well to shifts like this share a common characteristic. They start with an honest assessment of where they actually are — not where their last audit said they were — and they move from that point with urgency rather than waiting for the next planning cycle.
A structured AI Threat Readiness Assessment gives your board a documented picture of your exposure and a prioritised roadmap. Updated penetration testing with AI-enabled vectors gives your security team a realistic view of what an adversary with current tools can reach. Modernised social engineering simulation tests your people against the threat they are actually facing.
None of this requires a wholesale programme rebuild. It requires a clear-eyed view of what has changed and where the current programme does not account for it.
ARRANGE A CONVERSATION
Contact your A&O IT Group relationship manager or reach us at corsaire.com to arrange a confidential discussion. We operate from the UK and UAE and maintain a full-time presence across the Gulf region. We would rather have this conversation now, before there is a specific incident to respond to.
ABOUT CORSAIRE
Corsaire is the specialist security testing and assurance division of A&O IT Group Plc, operating from the UK and UAE. We provide independent penetration testing, red team exercises, AI/LLM security assessments, and security consultancy services.