Episode Details

The UK government quietly confirmed an AI model just completed the hacking equivalent of a four-minute mile. Eleven of the largest companies on Earth already have a copy. The threat model you were operating under on Friday is not the one you are operating under today.

In this episode:

• What Claude Mythos actually did on AISI's 32-step "Last Ones" test — and why Anthropic's own safety team called it "the greatest alignment-related risk" they've released
• The Roger Bannister four-minute mile analogy — why one lab crossing a capability barrier changes what every other lab believes is possible
• Project Glasswing — the eleven companies with access (AWS, Apple, Cisco, CrowdStrike, Google, JPMorgan, Microsoft, NVIDIA, Palo Alto Networks, Goldman Sachs, Linux Foundation) and the oversight framework that isn't public
• Why your threat model shifted from nation-states to "everyone who has ever been angry at you and kept a copy of something"
• The three-step playbook to ask about by Friday: kill switches (1-10-60 rule, CrowdStrike/SentinelOne/Defender isolation), agentic security platforms reading your logs 24/7, and immutable 3-2-1-1 backups (Veeam, Rubrik, Commvault, AWS S3 Object Lock)
• The CEO mirror — a three-column credential audit to take into your next forum meeting

Key line: "The tool does the skill. The tool does the twenty hours of work. A motivated amateur with a Claude API key and a grudge is now a credible threat."

Cybersecurity used to be a specialist problem. It is now an operational problem. It belongs in the same meeting as insurance and succession.

The YPO Technology Network AI Brief is a daily, peer-to-peer podcast for YPO members (CEOs and Presidents of $13M+ companies) making sense of AI without the hype. Produced by BuildClub.