Top cybersecurity chief warns of AI dangers amid delayed rollout of Anthropic's Mythos model
Mr Horne said AI did not yet constitute a national security threat in his view because the new models were "not finding new attacks, they're just exposing more security vulnerabilities".
The UK's top cybersecurity chief has warned that organisations need to improve cyber defences with much greater urgency amid the delayed rollout of Anthropic's Claude Mythos model.
Listen to this article
Richard Horne, the head of the National Cybersecurity Centre, said models like Claude Mythos were "warning shots" about the risks of powerful Artificial Intelligence (AI) and that organisations needed to update cyber defences with "10 times urgency".
Mythos is the latest model developed by leading AI firm Anthropic, which forms part of its wider system called Claude.
Anthropic said the powerful tool could handle hacking and cybersecurity tasks better than humans, creating concern about the potential danger to digital services.
Read more: Landlord British Land hikes guidance amid strong demand from AI firms Read more: Income tax will be dead within five years as AI jobs crisis grows, says Monzo founder
The company has not released Mythos to the public and has only made it available to a select group of companies, including the UK AI Security Institute, which separately confirmed its assessment.
Mr Horne said AI did not yet constitute a national security threat in his view because the new models were "not finding new attacks, they're just exposing more security vulnerabilities".
He continued: "We're in a kind of perfect storm where we have two forces - one huge technology disruption, one rising geopolitical tensions, and they come together. And cybersecurity's in the middle of them."
Read more: Tech secretary to launch £500 million Sovereign AI Unit to help British firms
Read more: AI chatbots often ‘hallucinate’ and give inaccurate medical information, study says
However he told Sky News that "where organisations are reliant on technology that they haven't patched, haven't updated with the latest security updates. That will be exposed."
"Where tech producers are shipping code that has this poor quality and has security bugs in it. That will be exposed.
"And where organisations have old, obsolete technology that can't be updated, it can't be patched. That will be exposed."
He said organisations would need to "focus on how they execute the application of security updates as quickly as they can."