- What I tried: I looked at how Anthropic, OpenAI, and Google are handling new models with stronger cybersecurity abilities, especially Anthropic’s Mythos, OpenAI’s cyber-capable Codex line, and Google’s Gemini frontier safety work.
- What I learned: Anthropic is taking the most cautious route right now by not broadly releasing Mythos. OpenAI is still deploying powerful models, but with gated access, monitoring, and refusal systems. Google is leaning hard on evaluation thresholds and says Gemini 3.1 Pro remains below its cyber critical-capability level, even though earlier Gemini models crossed an alert threshold.
- How to apply it: If you run a small business, this is your reminder to treat AI like a sharp tool, not a toy. Ask two questions before using any advanced AI system: What can this help us do faster? And what guardrails do we need before we trust it with anything sensitive?
A lot of AI news feels far away from normal business life. This one doesn’t.
This week I spent time looking at a question that sounds dramatic, but is actually pretty practical: if AI models are getting good enough to find and exploit security flaws, are the companies building them acting responsibly?
Anthropic is the clearest case of, “Okay, this got real.” The company says its unreleased Claude Mythos Preview found thousands of high-severity vulnerabilities, including some in every major operating system and web browser, and it does not plan to make the model generally available. Instead, it launched Project Glasswing and limited access to partners working on defensive security. Anthropic also says Mythos is its best-aligned model yet, while also saying it may pose the greatest alignment-related risk of any model it has released. That is a pretty honest sentence, frankly.
OpenAI feels more like, “These models are dangerous, so we’re building traffic control.” OpenAI says GPT-5.3-Codex is the first model it treats as High cybersecurity capability under its Preparedness Framework. It has added trained refusals for clearly malicious tasks, classifier-based monitoring, trusted-access identity checks, and enforcement for suspicious use. GPT-5.4 Thinking builds on that with message-level blocking and account-level review. That tells me OpenAI is not stopping at the curb. It is moving forward, but with a growing stack of controls.
Google’s posture is different again. DeepMind has a formal Frontier Safety Framework with critical capability levels. In Gemini 3.1 Pro’s model card, Google says the model remains below the cyber critical threshold, even though Gemini 3 Pro had already crossed the alert threshold and required additional testing. At the same time, Google’s own threat intelligence team says government-backed attackers have already misused Gemini for scripting, reconnaissance, vulnerability research, and post-compromise activity. So Google sounds measured, but the real-world misuse is already here.
And what about OpenAI’s reported upcoming model, “Spud”? From what is public right now, “Spud” looks like an internal codename reported in the press, not a model with a public safety card yet. So I would be careful not to overstate what we know there. The stronger evidence is in OpenAI’s published cyber safety work around Codex and GPT-5.4.
So, are these companies being responsible?
Somewhat. Anthropic looks the most cautious on release. OpenAI looks the most operational about safeguards. Google looks the most framework-driven. All three are doing real safety work. All three are also still in a race. And that race matters, because when labs compete hard, the line between “careful deployment” and “we’ll fix it while shipping” can get thin fast. That tension is not imaginary. You can see it in the safeguards themselves.
This matters because… small businesses will feel the downstream effects of this long before they ever touch a frontier model directly. Better AI can help defenders patch faster, but it can also lower the skill needed for attackers. Clarity, good access controls, and basic cyber hygiene are not optional anymore.