American artificial intelligence Firm Anthropic, the company behind the Cloud AI model family, officially announced the Cloud Mythos Preview on April 7, confirming it as a step-change model that faces what the company calls unprecedented cybersecurity risks.
The existence of the model first came to light in late March through a content management system misconfiguration, which exposed approximately 3,000 draft blog posts, including one describing the new model.
According to Anthropic's red-team documentation, the model – developed under the internal codename Capybara – can identify software vulnerabilities in minutes. In contrast, the Adaptiva State of Patch Management 2025 report found that 77% of organizations globally More than a week is required to deploy the patch.
That gap – between automated detection and human-paced remediation – is one three cyber security practitioners tell TechCentral South Africa is not prepared for.
armand krugerHead of Cyber Security NEC XONsaid that this change changes the entire foundation of how organizations should approach software security.
“This fundamentally shifts security from periodic assurance to ongoing exposure management,” Krueger said. “The challenge is no longer finding the vulnerabilities. The challenge is how quickly you can prioritize and address them.”
His position is that architecture has to carry more of the burden. “Our approach moves from audit-driven security to architecture-based security, where systems are designed to limit the blast radius, enforce least privilege, and minimize the impact of unavoidable flaws.”
'Not fully prepared'
On industry readiness, he is blunt: “The South African market is completely unprepared for this change. Most organizations still operate on a periodic testing model and fragmented tooling, which will struggle in a world of continuous discovery.” He acknowledged the scope for maturity, particularly in financial services, but said the broader picture is uneven.
“The risk is not a lack of equipment. It is a lack of architectural thinking and operational readiness.”
Reading: Paying ransomware attackers is making companies more vulnerable
sow fungusThe head of information security and risk at Sanlam pointed to recent compromises in government institutions as evidence that the country is already behind. Speaking to TechCentral at a Cape Town customer event hosted by TrendAI last week – TrendAI is the rebranded enterprise arm of Trend Micro – Boya said the breaches were no anomaly. “As a South African industry, if we had been prepared, we would not have seen so much.”
Boya also raised a problem with response timelines that many organizations have not faced. Standard industry recovery windows of seven to 90 days had already been extended. AI-powered search narrows them down further. The seven-day remediation window is now effectively the window in which exploitation occurs, Boya said.
zaheer ibrahimThe solutions engineer at TrendAI AMEA (Asia-Pacific, Middle East and Africa) said patching is where South Africa's infrastructure is most exposed. “Whether in the private sector, the public sector, wherever you are, patching is a big problem.”
They demonstrated the bet through a simulation targeting OpenClaw, an open-source AI agent framework that is known to be sensitive to adversarial signals. Ibrahim described a scenario in which an attacker embedded a malicious instruction inside a simple e-mail. When an AI agent reads a message, it acts on instructions rather than simply processing the e-mail. “It extracted the passwords and responded to our e-mails and gave us all the passwords,” he said.
The economics of change also matter. Kruger said vulnerability discovery is becoming cheaper while remediation has become the most expensive and time-constrained activity. His prescription is to move security into the development life cycle rather than treating it as a post-production check.
Boya sees the same technology as an opportunity if implemented early. Embedding AI into the development pipeline before code reaches production allows vulnerabilities to be caught before they become liabilities – an AI that can “assess that code before they compile it, before they put it into the test environment, which is able to find all the vulnerabilities and also gives the developer a chance to figure out what to fix”.
On the question of whether chief information security officers should be concerned, Kruger resisted using the word panic. “Panic is not useful. But readiness is required.”
Reading: The Mythos of Anthropic is the cyber threat every CISO feared
For South African organizations that are still running delayed patching cycles and periodic audit models, Kruger's message is clear. “This is not a future problem. This is an acceleration of what is already happening.” — (c) 2026 NewsCentral Media
Get breaking news from TechCentral on WhatsApp. Sign up here.