SecurityQuick Answer. For most of my career, cyber conflict has been defined by speed. The last few months changed that framing. Scale and autonomy are now moving alongside speed, and the relative emphasis among the three is shifting in real time. The signals are no longer hypothetical: Anthropic’s Mythos Preview disclosure, the Project Glasswing defensive coalition, the GTG-1002 state-sponsored intrusion attribution, the FY 2026 NDAA directing the Department of Defense to develop an AI cybersecurity framework, and the NIST AI Agent Standards Initiative all point at the same thing. AI cyber doctrine is forming in plain sight.
In this Foundry Expert Contributor piece for CSO Online, I argue that doctrine in cybersecurity rarely arrives through formal announcement. It emerges through repeated behavior under operational pressure, through choices capable actors make when no one is telling them to stop. By that standard, we are now past the experimental phase. The Mythos model reportedly surfaced thousands of high-severity vulnerabilities autonomously, including a seventeen-year-old remote code execution flaw in the FreeBSD NFS server (CVE-2026-4747) identified and exploited after a single prompt. The defensive Project Glasswing coalition assembled by Anthropic includes AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, with roughly $100M in usage credits and $4M in donations to open-source security work. That is a coordinated reaction to a threat model that has already moved.
Three operational principles are now visible in how serious actors are organizing their programs. Speed over stealth: in an environment where exploit windows compress from weeks to hours, operating faster than the defender can respond is more valuable than remaining undetected. Adaptive systems over static controls: playbooks that assume attacker behavior will repeat are already brittle. Probabilistic defense: zero-loss security was always a marketing ideal, but the mismatch is acute now. The realistic objective is bounded loss, with optimization for detection, containment, and minimized blast radius.
Underneath those principles sits an economic shift. The NCSC’s recent analysis quantified it directly: in early 2026, the best frontier model completed nearly six times more attack steps on a realistic simulated enterprise attack than the best model eighteen months earlier, and a full attempt now costs around £65. Reconnaissance has become continuous rather than episodic. Vulnerability discovery scales beyond any human team. Defense is still indexed to human speed and decision-making. Offense is operating at machine speed and scale, while defense is still paging analysts during incidents. That is not a tooling gap. It is a model mismatch.
The piece closes with three recommendations I do not consider optional: treat AI agents as security principals with privileged-user governance, invest in adaptive defense rather than incremental detection, and reframe the risk model to assume continuous low-level compromise attempts are now the normal operating condition. For years I told my teams that the advantage in cyber went to whoever had the better tools. The advantage now goes to whoever adapts faster.
Read the full article on CSO Online The NSA, “Mythos,” and the quiet emergence of AI cyber doctrine →
Published as part of the Foundry Expert Contributor Network.