AI-Powered Cyber Tools Alarm Security Experts, Moving at Alarming Speed

The rapid advancement of AI-powered cybersecurity tools, such as Anthropic’s Mythos and OpenAI’s GPT-5.5, has raised significant concerns among federal agencies and security experts. These models, capable of identifying hidden software vulnerabilities and automating responses to threats, are not only revolutionizing cybersecurity but also lowering the barrier for potential attackers.

Speaking at the Qualys ROCon Public Sector 2026 conference in Tysons Corner, Virginia, Dan Richard, associate deputy director of the CIA’s Digital Innovation Directorate, emphasized the need for collaboration between public and private sectors to address these challenges. He likened the current situation to Ukraine’s response during Russia’s 2022 invasion, where partnerships with private vendors proved crucial. Richard stressed that 80% of critical infrastructure is privately owned, making such collaborations essential for national security.

Katie Arrington, former Pentagon CIO and now IonQ’s CIO, highlighted the alarming speed at which these AI tools are evolving. She noted that vulnerabilities once given 30 days to patch could now be exploited in as little as three hours due to the capabilities of advanced AI models like Mythos. This rapid pace is pushing federal agencies to rethink their cybersecurity strategies and adopt more proactive measures.

Joe Kelly, director of the Applied Research Laboratory for Intelligence and Security at the University of Maryland, expressed concerns about the potential misuse of these tools by less skilled attackers. He warned that AI models could empower “script kiddies” to cause significant damage, even without deep technical expertise.

Sumedh Thakar, CEO of Qualys, suggested that federal agencies must shift from reactive to proactive approaches in managing risks. His company’s TotalCloud tool, recently authorized for use in FedRAMP High environments, aims to automate vulnerability patching and reduce manual processes. Thakar emphasized the importance of leveraging AI to counter AI-driven threats, stating that “battle[ing] AI with the speed of AI” is no longer optional.

As these advanced tools continue to emerge, experts agree that collaboration, innovation, and preparedness are critical to safeguarding against the growing cybersecurity risks posed by AI.