Claude Mythos Doesn’t Care About Your Policies

In April 2026, two things happened in the same week. Anthropic announced Claude Mythos Preview, a model capable of autonomous vulnerability discovery, zero-day exploit generation, and multi-step attack orchestration, restricted from public release precisely because of what it can do.  

Days later, the Canadian Centre for Cyber Security published ITSAP.10.050, its first dedicated guidance on frontier AI. The timing was not coincidental. Federal advisories rarely move this fast. When one does, the security community would be wise to treat it less as guidance and more as a forecast. 

It’s Not If, It’s When 

For two decades, the cybersecurity industry has sold one core promise: keep them out. Block the phishing email. Patch the CVE. Catch the malicious binary. The implicit assumption was that prevention was a line you could hold. 

Mythos breaks that assumption. What makes it different from earlier generations of agentic AI is not phishing (automated phishing and voice impersonation have been commoditized for years, and many LLMs have been weaponized for that purpose long before Mythos). What makes Mythos genuinely new is its ability to autonomously identify vulnerabilities and, critically, demonstrate their exploitability end-to-end. With AI that automates reconnaissance, exploitation, and lateral movement, the gap between vulnerability disclosure and exploitation is collapsing from weeks to hours. What you believed was secure no longer is. The attack surface you thought you understood has been redefined.

You will be compromised. The only question left is how much damage they can do once they are in. 

Your Perimeter Doesn’t Matter, Your Blast Radius Does 

The ITSAP.10.050 guidance suggests that critical infrastructure organizations should be able to operate disconnected from external networks for extended periods. Defensively, the logic is sound. Operationally, it creates a level of friction that most modern businesses cannot sustain. 

So if you cannot fully prevent the intrusion, and you cannot fully isolate from the network, what is left? 

The blast radius. The amount of damage a single compromised account, machine, or service can do once an attacker has it. This is the variable you actually control. And it is the variable that determines whether an incident is a contained event or a front-page breach. 

Reducing your blast radius operates on two levels, and Mythos demands you take both seriously. The first is network architecture. A flat network is indefensible against a Mythos-class threat. Minimizing your exposed attack surface, enforcing micro-segmentation, and containing lateral movement are not optional hardening steps; they are the structural controls that limit how far a zero-day attack can travel once it lands. Phishing-resistant MFA belongs in the same category – not because Mythos invents new phishing, but because system access control is the foundation everything else depends on. The second level is data access governance, which is what the rest of the ITSAP.10.050 guidance is actually about: the “crown jewels” approach, Zero Trust, least-privilege access. They all point to the same operational truth: people (and systems) should only have access to what they need, nothing more. 

The Canada Life Breach Wasn’t Unique 

In April 2026, Canada Life confirmed a cyber incident involving unauthorized access to applications through an employee account. The incident was contained, but personal information of clients was exposed and credit monitoring was offered to those affected. 

One employee account. That was the entry point. A legitimate account, almost certainly compromised through a technique that has been around for years. 

The critical question is not “how did they get in?” It is “why did this account have access to that much?” 

That is the blast radius question. And it is a question every critical infrastructure organization should be asking, urgently, of every account in their environment. 

Your Employees Are the Control 

Here is the part that makes most security leaders uncomfortable: your employees are both the weakest link and the strongest control. The insider threat dynamic does not change dramatically with Mythos – that problem predates frontier AI by decades. What does change is the data access problem. The same person who might click a phishing link is also the only person who actually knows whether the SharePoint site they own should still be shared with twelve external guests, or whether the OneDrive folder they created in 2022 still needs the entire finance team in it.

Your IT team cannot answer those questions. They do not have the business context. They can see that an account has access to ten thousand files. They cannot tell you which of those access grants are still legitimate. 

Only the data owner can. While IT teams may run periodic cleanup campaigns, access reviews are often manual, inconsistent, and disconnected from the people who understand the data best. 

That gap, between the access that exists and the access that is still justified, is your blast radius. It grows every week. It is invisible until something goes wrong. And it is the single largest determinant of how an incident plays out when (not if) it happens. 

Mythos Is the Forecast, Not the Storm 

Mythos is a preview. Successor models will be more capable, more available, and more weaponized. The window between this advisory and the first wave of incidents that cite Mythos-class capabilities by name will not be long. And as the capability ceiling rises, the skill floor drops. The combinations of models we cannot yet name will make sophisticated attack techniques accessible to a much wider pool of threat actors – which means human-vector attacks, social engineering, and credential abuse will increase in volume even as Mythos-class tools reshape the technical exploitation layer. 

Critical infrastructure operators will not disconnect from the internet for three months. They will not prevent every initial compromise. What they can do, starting today, is shrink their blast radius. The federal guidance is pointing in this direction. The recent breaches are illustrating it. The technology to do it at scale, inside the productivity environment your employees already work in, exists. 

One Thing You Can Do Now 

The business case to fix this problem takes longer to build than the fix itself. The real question is no longer whether your organization can afford to act, but what each month of inaction is adding to the remediation bill (and to the personal exposure of the person who will sign the next attestation). 

If you do only one thing this quarter, do this: pick a single SharePoint site, run an access review on it, and bring the resulting numbers to the board. Real exposure on a real site, in less time than the next steering committee will take to schedule. Then ask the board the only question that matters: how many other sites look like this one?
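What that single-site access review actually computes, and the blast-radius gap described earlier (access that exists versus access that is still justified), reduced to working code. This is an added example, not code from the original post or from its authors. It assumes a permissions export with one row per grant (principal, principal type, resource, permission, last-used date), a 90-day staleness threshold, and a small constructed sample of grants; none of those values come from the post.

```python
"""Access review for one site: quantify the gap between the access that
exists and the access that is still justified, then rank what to revoke.

Added example, not part of the original post. The export layout, the
field names, the 90-day threshold and the sample rows are assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from typing import Optional

STALE_AFTER_DAYS = 90  # assumption: unused for 90 days => needs re-justification
REVIEW_DATE = date(2026, 4, 15)  # fixed "today" so the numbers are reproducible


@dataclass(frozen=True)
class Grant:
    principal: str
    principal_type: str        # "member" (employee) or "guest" (external)
    resource: str              # site-relative library or folder path
    permission: str            # "read" or "edit"
    last_used: Optional[date]  # None = never exercised since it was granted


# Constructed sample export for one site (not real data).
SAMPLE_GRANTS = [
    Grant("alice@example.org", "member", "Finance/Budgets", "edit", date(2026, 4, 1)),
    Grant("alice@example.org", "member", "Finance/Payroll", "edit", date(2025, 11, 2)),
    Grant("bob@example.org", "member", "Finance/Budgets", "read", date(2026, 3, 28)),
    Grant("bob@example.org", "member", "Finance/Payroll", "read", date(2026, 4, 10)),
    Grant("bob@example.org", "member", "HR/Reviews-2022", "edit", None),
    Grant("vendor1@partner.example", "guest", "Finance/Budgets", "read", date(2025, 9, 10)),
    Grant("vendor2@partner.example", "guest", "Finance/Payroll", "edit", None),
    Grant("carol@example.org", "member", "HR/Reviews-2022", "read", date(2026, 4, 3)),
]


def is_stale(grant: Grant, today: date) -> bool:
    """A grant is stale if it was never used or not used within the threshold."""
    if grant.last_used is None:
        return True
    return (today - grant.last_used).days > STALE_AFTER_DAYS


def review(grants, today: date) -> dict:
    """The numbers to bring to the board: how much access exists, how much of
    it is no longer exercised, how much is held by external guests, and the
    widest blast radius (distinct resources reachable from one principal)."""
    stale = [g for g in grants if is_stale(g, today)]
    guests = [g for g in grants if g.principal_type == "guest"]

    reach = defaultdict(set)          # principal -> resources it can reach
    guest_exposed = set()             # resources reachable by any guest
    for g in grants:
        reach[g.principal].add(g.resource)
        if g.principal_type == "guest":
            guest_exposed.add(g.resource)

    blast_radius = {p: len(r) for p, r in reach.items()}
    widest = max(blast_radius, key=blast_radius.get)
    return {
        "total_grants": len(grants),
        "stale_grants": len(stale),
        "stale_edit_grants": sum(1 for g in stale if g.permission == "edit"),
        "guest_grants": len(guests),
        "stale_guest_grants": sum(1 for g in guests if is_stale(g, today)),
        "guest_exposed_resources": len(guest_exposed),
        "widest_principal": widest,
        "widest_reach": blast_radius[widest],
        "blast_radius": blast_radius,
    }


def revocation_candidates(grants, today: date):
    """Stale grants for the data owner to re-justify, most dangerous first:
    guests before members, edit before read, never-used before merely stale."""
    stale = [g for g in grants if is_stale(g, today)]
    return sorted(
        stale,
        key=lambda g: (g.principal_type != "guest",
                       g.permission != "edit",
                       g.last_used is not None),
    )


if __name__ == "__main__":
    summary = review(SAMPLE_GRANTS, REVIEW_DATE)
    for key, value in summary.items():
        print(f"{key}: {value}")
    print("revoke first:")
    for g in revocation_candidates(SAMPLE_GRANTS, REVIEW_DATE):
        print(f"  {g.principal_type:6} {g.permission:4} {g.resource} ({g.principal})")
```

The review separates two questions the post keeps apart: the IT-visible fact (an account reaches N resources) and the owner-only judgement (which of those grants are still justified). The script can only surface the first and flag candidates for the second; the ranked list is what goes to the data owner, and the summary counts are what go to the board.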

The honest answer, for most operators we talk to, is that nobody in the building actually knows. That number is the work. Until it gets quantified, every other security investment is sized to the wrong problem. 

Your exposure isn’t paced to your budget cycle. The one thing you can do is start shrinking your blast radius now, at scale, before the next breach decides the timing for you.
