Australia Regulator Calls for Urgent Cybersecurity Action to Counter Mythos

The Australian Securities and Investments Commission (ASIC) has sounded an alarm that could reshape cyber‑risk management across the nation’s financial sector. In a letter to banks, insurers and fintechs, ASIC Commissioner Simone Constant warned that frontier artificial‑intelligence systems such as Anthropic’s Mythos can generate exploitable code in minutes, compressing a twelve‑month risk horizon into days. The regulator highlighted uneven preparedness among firms and urged an “end‑to‑end” review of vulnerabilities before a low‑cost attacker weaponises them. This call for immediate action reflects a growing consensus that traditional security frameworks are ill‑suited for AI‑driven threats.

Mythos, a high‑capacity coding model released under Anthropic’s Project Glasswing, is currently limited to a handful of technology powerhouses—including Amazon, Microsoft, Nvidia and Apple—leaving most banks to fend for themselves. Macquarie Group’s CEO Shemara Wikramanayake disclosed that the bank is running extensive testing programmes to map potential weaknesses that Mythos could expose, noting that many of these flaws have existed for years. The model’s ability to scan codebases and suggest exploit‑ready modifications raises the stakes for institutions that have yet to integrate AI‑specific safeguards into their security stacks.

The ASIC warning underscores a widening gap between AI adoption in financial firms and the capacity of regulators to monitor emerging harms. A Cambridge Centre for Alternative Finance study found that banks are adopting AI at more than twice the rate of their supervisory bodies, with only two in ten watchdogs reporting “advanced AI adoption.” To close this divide, industry groups may need to develop shared threat‑intelligence platforms and enforce baseline AI‑risk assessments. Failure to act could erode consumer confidence and invite systemic disruptions, making proactive cyber‑resilience a competitive imperative.