
AI governance in the EU

Matthew Lloyd Davies at Pluralsight outlines what Europe’s OpenAI deal reveals about cyber-security-focused AI governance


Project Glasswing has set the benchmark for taking a tightly controlled approach to cyber-focused AI deployment. Anthropic’s initiative centres on Claude Mythos, a specialised cyber-security model released under highly restricted access to tech giants such as Apple and Microsoft, cyber-security firms including Palo Alto, and select banks like JP Morgan Chase. While Anthropic has since expanded the programme, granting access to over 150 additional companies, access remains curated, reflecting the company’s preference for a controlled deployment model.  

 

A month on from Anthropic’s release, OpenAI announced GPT-5.5-Cyber, a variant of its latest AI model capable of identifying software vulnerabilities. But the firm is taking an opposing stance to Anthropic and proactively offering the European Commission access under its ‘EU Cyber Action Plan’ – a proposal welcomed by the EU in hopes that democratising access can strengthen cyber-security across the continent. In contrast with Project Glasswing’s selective expansion, OpenAI recognises that effective cyber-defence depends on broad access to capable tools, rather than being limited to a pre-approved group of organisations.

 

With European partners, including businesses, governments, cyber-security authorities and EU institutions, set to be granted access to OpenAI’s cyber-security model, the deal could be a major step for European cyber-defence and AI adoption. However, it also exposes a deeper industry debate around governance, oversight, and how access to advanced models should work in practice.  

 

Defensive acceleration

The pace of AI advancement means cyber-threats are becoming more sophisticated, and with AI systems identifying cyber-threats 85% faster than older systems, traditional reactive security approaches are quickly becoming insufficient. By accelerating AI-powered defensive capabilities, including faster threat detection, automated vulnerability analysis, and real-time incident response, OpenAI aims to keep defenders working at the pace at which attackers are identifying and exploiting emerging technologies.

 

If defensive systems evolve at a slower rate than offensive risks, the imbalance could create significant security vulnerabilities. Continuously advancing defensive AI helps to maintain a proactive advantage, strengthening resilience against rapidly changing cyber-threats. Additionally, while Claude Mythos can autonomously identify vulnerabilities in software before threat actors can exploit them, it only benefits those organisations with access, leaving those without it powerless as attackers use AI to identify the same vulnerabilities for themselves.

 

The limits of restricted access  

Open access may give defenders more confidence, governance, and oversight, but misuse controls still matter.  Without robust safeguards, transparency alone cannot prevent malicious actors from exploiting openly available systems, making continuous monitoring and clearly defined accountability mechanisms essential.  

 

Relying on restricted access to advanced AI systems is not enough for defenders: access controls alone do little to address the broader strategic risks of dependence and capability diffusion.

 

Defenders also need their own technical foundations, including domestic compute infrastructure, model evaluation, and the ability to develop or adapt alternative systems when needed. Without independent capacity, access remains contingent on decisions made elsewhere. If access can be changed or revoked by external commercial or political incentives, then it offers a temporary safeguard rather than a durable defence.  

 

Faster tools need human oversight

Tools that help teams find, prioritise, and fix issues faster still require a human-in-the-loop element. Although automated systems can identify patterns and surface potential risks, they cannot comprehend business priorities or the real-world impact of an issue. A tool might flag hundreds of vulnerabilities or anomalies, but only cyber-security experts can assess which ones pose an immediate danger with wider business impact.

 

Human judgement is essential for interpreting findings within the broader organisational context, balancing speed against potential disruption, and making informed decisions about what should be fixed first and how remediation can be carried out effectively.

 

Beyond initial access controls  

The reported unauthorised access to Claude Mythos shortly after its release demonstrates why what Anthropic describes as ‘restricted access’ is not a sufficient safeguard for advanced AI systems.  

 

Initial approval controls can quickly become ineffective once a system is deployed into dynamic real-world environments. Restricting who can access a model at launch may reduce immediate exposure, but it does not account for evolving vulnerabilities, misuse, changes in policy, or failures in operational enforcement over time.  

 

Continuous governance after deployment is necessary and should include ongoing monitoring, auditing, incident response mechanisms, and adaptive oversight. Effective security depends not just on controlling initial access but on maintaining accountability and resilience throughout the system’s operational lifecycle.

 

Secure AI deployment  

Effective AI security depends on more than restricting access at the point of approval. It requires continuous oversight, human judgement, and adaptive governance throughout deployment. This is where OpenAI and Anthropic diverge – while OpenAI emphasises accelerating deployment through trusted institutional partnerships so defensive capabilities can scale alongside automated threats, Anthropic prioritises tighter access controls to limit misuse, even if that may slow progress. Both strategies have merit, and it remains unclear which balance of speed, security, and accessibility will prove most effective over time.

 

As AI capabilities evolve rapidly, resilience will depend on ensuring that defensive systems, operational controls, and accountability mechanisms develop just as quickly as the risks they are intended to manage.

  


 

Matthew Lloyd Davies is Principal Security Author at Pluralsight

 

Main image courtesy of iStockPhoto.com and traffic_analyzer


© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543