Anthropic’s new cyber tool, Mythos, is making major U.S. banks speed up and change how they handle cybersecurity. Several of the country’s largest banks using Mythos are finding many IT vulnerabilities and quickly making repairs and software updates. Some of these changes could cause short-term disruptions for customers.
This pressure is spreading beyond the biggest banks. Large banks are sharing what they learn with smaller banks that do not have direct access to Mythos, helping them get ready.
This matters because cybersecurity experts say Mythos creates “significant challenges” for older banking technology. Banks now have to move faster, since Mythos can find weak spots much more quickly than older security methods.
Why Mythos is changing the pace
Some of the worry comes from how Mythos works.
Reuters said banks testing the tool find it is very good at chaining together lower-risk vulnerabilities into bigger risks. This is making teams review their systems to upgrade software and fix weak spots.
One source told Reuters that Mythos is finding “several hundred to thousands” of low- to moderate-risk issues that now need to be fixed, sometimes in just days instead of the weeks banks used to take.
Nitin Seth, co-founder and CEO of Incedo, shared this is “a wake-up call” because cyber risks are now moving at “machine speed,” while banks still defend themselves at “human speed.”
Yahoo!Finance also said Mythos is very good at finding problems in both private and open-source code, which is pushing banks to update old technology that may soon lose support.
Smaller banks are shut out for now
The cost and technical needs of Mythos are another concern. Smaller banks often cannot use Mythos because they lack the computer power and because it is expensive.
Anthropic says Mythos costs $25 per million input tokens and $125 per million output tokens, which is five times more than their Opus 4.7 model. Anthropic plans to give $100 million in credits to Glasswing partners and other Mythos customers, but access is still limited.
Anthropic initially restricted Mythos to partners in its Project Glasswing initiative and around 40 additional organizations. JPMorgan Chase was a publicly named launch partner, while Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley also have access.
That leaves the industry in an uneven position: the biggest institutions are already learning from the tool, while smaller banks are relying on secondhand warnings and consultant advice.
A new source of operational strain
The worry is not just about what Mythos can find, but also about how fixing these problems will affect daily banking. The extra work could mean banks need to take systems offline more often, though one source said they will try to keep customer disruption to a minimum.
Bernard Montel of Tenable shared that “the backbone of the banking sector is technology,” so any disruption affects the core of the business, not just a side function.
This is why Mythos is more than just another AI tool.
For banks, it is now a test to see if cybersecurity teams can keep up as software flaws are found faster, linked together more quickly, and added to repair lists at a pace set by machines, not people.
