JPMorgan Chase, Goldman Sachs on Anthropic's Mythos, AI cyber risks

JPMorgan Chase and Goldman Sachs are testing Anthropic's Mythos model under Project Glasswing and noted that AI cybersecurity is a top risk factor.

Anthropic announced Project Glasswing and its Mythos model, which has been able to find multiple existing vulnerabilities in software. Mythos was released to a limited number of cybersecurity ecosystem players so they could patch vulnerabilities and fortify defenses. The thinking is that a model like Mythos in the wrong hands can do damage before defenses are fortified. OpenAI announced a similar program and model release aimed at cybersecurity.

• Anthropic launches Project Glasswing, Claude Mythos Preview in AI cybersecurity push
• OpenAI releases GPT-5.4-Cyber, beefed-up Trusted Access for Cyber program

Speaking during JPMorgan Chase's first quarter earnings call, CEO Jamie Dimon addressed cybersecurity threats in the banking system. In his annual shareholder letter, Dimon cited cybersecurity as the top priority.

"We read about Mythos, which we're testing now and looking at and it does create additional vulnerabilities," said Dimon. "In context, I think JPMorgan is very well protected. We spend a lot of money. We've got top experts. We're in constant contact with the government. We're constantly updating things, but AI has made it worse, it's made it harder."

• JPMorgan Chase CEO Dimon: We can't predict AI winners and losers yet

Dimon said cyber risk isn't confined to banks and affects all industry. "While we're trying to get the benefits of AI, we also are very cognizant of the risk of cyber. I think the government is aware of it, too. And remember, you have cyber criminals, you have cyber states, you have cyber everywhere, and that's why you have to be quite careful. So, I'd say the banks in total are rather well protected, that doesn't mean everything that banks rely on is that well protected," said Dimon.

Jeremy Barnum, CFO of JPMorgan Chase, said it's clear that new models are going to bring opportunities and risk with cybersecurity. There's more attention on the threat of new AI models, but the proactive stance taken by the bank, new technologies and security has been an ongoing theme.

Goldman Sachs CEO David Solomon had a similar refrain. Bank CEOs met in Washington DC at a regular Financial Services Forum meeting to discuss AI-driven risks to the banking infrastructure.

"It's not the first meeting that group has gone over to US Treasury to talk about cybersecurity risk over a number of years," said Solomon. "It's something we're focused on, and there's nothing new in that focus. Obviously, the LLMs are making rapid progress, and we're hyper aware of the enhanced capabilities of these new models. With the help of the U.S. government and the model publishers, we are very focused on supplementing our cyber and infrastructure resilience and this is part of our ongoing capabilities that we have been investing in and are accelerating our investment in."

Solomon added that Goldman Sachs has Mythos and is working with Anthropic and all its security vendors. "It's not new that as technology evolves, we have to continue to upgrade for cyber risk and make sure we're at the forefront of that," said Solomon.

Related Constellation Research Shortlists:

• Application Security Testing
• Cloud Native Application Protection Platforms (CNAPP)
• Endpoint Protection Platforms
• Security Information and Event Management (SIEM)