Anthropic Eases Sharing Rules for Cybersecurity Insights
Anthropic has recently decided to relax its rules regarding the sharing of information obtained through its advanced cybersecurity AI model, Mythos. This change allows users of the Mythos model to exchange important cyber threat information with other organizations that may face similar security challenges, according to a report from Reuters.
This adjustment comes as part of Anthropic’s Project Glasswing, a controlled initiative where select technology companies, including Amazon, Microsoft, Nvidia, and Apple, test the unreleased Claude Mythos Preview model.
New Sharing Guidelines Introduced
Initially announced on April 7, Mythos is part of Project Glasswing, designed specifically for a limited number of organizations to use it for enhancing their defensive cybersecurity measures. The model is known for its impressive coding skills, making it particularly effective at identifying cybersecurity vulnerabilities and even devising ways to exploit them.
Recently, Anthropic informed the organizations involved in the project that they can now publicly acknowledge their participation and share insights, tools, codes, and best practices developed during the initiative. An Anthropic spokesperson highlighted their commitment to supporting collaboration among partners, stating, “We fully support our partners sharing findings with each other and with companies outside of Glasswing to address vulnerabilities.”
Reasons Behind the Change
Initially, confidentiality measures were put in place because participating companies were concerned about safeguarding sensitive cybersecurity findings and did not want to become potential targets for attackers. However, Anthropic now believes that the program has developed enough to allow for broader information sharing aimed at improving defenses.
As the program has matured, adjustments have been made to facilitate sharing crucial information widely, even beyond the confines of the project. The spokesperson mentioned, “We’ve adapted them to ensure key information can be shared broadly – including outside the program – for maximum defensive impact.”
Under the new guidelines, partners are free to share cybersecurity insights with other companies’ security teams, government agencies, open-source developers, industry groups, and even the media, provided they adhere to responsible disclosure practices.
