Welcome to Episode 7 of Cutting through with KSIB, a short monthly newsletter summarising key insights from myself and the team.

This episode focuses on 3 key areas: 

1. The stunning announcement from Anthropic regarding the new Mythos model and the cyber security risk it poses for Australian companies 

2. Anthropic and OpenAI  – how good are they really and what you should be thinking about from an enterprise perspective 

3. How all Australian companies might participate in the AI revolution without needing to invest a fortune 

As an overall comment, the world is certainly a disrupted and complex place at the moment.  It is really important that Australian companies understand the opportunities and risks that are presenting themselves so they can make informed decisions about their business. 

I also wanted to let you know that Sharon Broekhuizen has posted an article about her experience providing practical, hands-on support on a recent climate reporting exercise for a large, family-owned business: What I learned helping produce one of Australia's first AASB S2 Climate Reports, and what it means for you.

If you enjoy our insights, please forward our newsletter or a link to our podcasts to your team or contacts and ask them to subscribe. Please feel free to email me at kristin@ksib.com.au or phone/text me on +61 401 999 879. 

If you would prefer to listen to this newsletter as a podcast, you can access it here. 

Regards, 

Kristin

Kristin Stubbins

CEO and Founder, KSIB

① Mythos

On 8 April, Anthropic announced it had built an AI model capable of autonomously discovering and exploiting previously unknown security vulnerabilities in production software. The model, Claude Mythos, found flaws in every operating system and every major web browser it was pointed at. This new model is a gamechanger in term of cybersecurity risk. It has not yet been widely released, but there has been a wave of reporting in the press about its capabilities. 

Steve Brown, KSIB Managing Director and AI and cybersecurity expert has the following key messages to share.   

• The new model has equivalent capability as some of the world’s best hackers and operates at warp speed.  It still takes humans several weeks to patch a vulnerability, Mythos can be exploiting those vulnerabilities in minutes or hours. This asymmetry in terms of response time and capability is a significant risk.  In the short term, the hackers with access to Mythos have a strong advantage and that is why Anthropic has not yet released the model publicly. 

• Australian organisations need to consider their organisational resilience. This starts with gaining visibility of your current environment and where you have vulnerabilities. What are the current plans to rectify these issues and what is the timing? Clear targets are very important in this situation. 

• When the Mythos model becomes more widely available, you need to plan to gain access, and start using these models as a defence. Financial services companies will be most at risk, but those organisations with legacy systems that have more vulnerabilities and slower patching cycles will become targets. Historically that has been healthcare, governments and Universities. Organisations that store a lot of personal data are also likely to be targeted. 

② Anthropic (Claude) and OpenAI  – how good are they really and what you should be thinking about from an enterprise perspective 

Many companies are starting to get excited about the co-work features available from these models and some companies are starting to explore how they might ‘vibe’ code with Claude. If a company has not really started to deploy AI, the following graduated steps might make sense: 

Step 1: It is sensible to start with augmentation of human activity when adopting AI solutions for the first time. Many people will be already using large language models to summarise information and perform research.   

Step 2: Consider workflow integration and efficiency – can you embed AI augmented processes in your day-to-day business? 

Step 3: Agentic workflows can automate manual processes and quality control processes can also be automated and embedded. This is the area that is truly transformative and that large companies are investing in. 

From a vibe code perspective, we think it is great to experiment but from an enterprise perspective, you need to exercise caution. Steve uses the analogy of the “Hollywood movie set” for this. Something might look great on the outside, but it is actually built with cardboard and sticky tape, and it might fall over in the next big wind. This is not something that produces enterprise grade solutions without significant senior human architectural and engineering oversight, steering, review and controls; along with data science and other domain specialists as required. 

③ How many Australian companies might participate in the AI revolution without needing to invest a fortune 

We are seeing many opportunities arise in financial services, but other companies which do not have huge technology and data science teams are now also seeking to solve business problems that previously seemed intractable.  We basically have a team of super-human graduates available to us that can work at speed (the AI models). The starting point should always be the business problem or opportunity though. That problem or opportunity will shape the technology solution that is appropriate (it is not always AI) and the “build” v “buy” decisioning. 

If you are a company that does not have a large-scale technology and data science function, you can still participate in this AI revolution as there will be several options available to you. You might decide to engage specialists to build agents for you, for example, and then transfer that ownership to you. You will then be responsible for maintenance, development and controls.  You may choose to have the specialist manage the bespoke agent on an ongoing basis or buy off the shelf products or managed services. Understanding all of this and the “art of the possible” – what are the right options for your business – is the critical point.   

So – as usual lots and lots happening in the world of AI which we are simultaneously excited and terrified about. KSIB is set up to help you cut through all of this complexity and we can mobilise many experts to work with you to help you understand the possible strategy and the risks and opportunities associated with this. We can also help you build the solution or build it for you. Reach out to us at kristin@ksib.com.au or steve@ksib.com.au if you would like to discuss this further or arrange a meeting.