Anthropic’s Mythos Preview may remain restricted behind Project Glasswing, but that is no longer the key point. The point is that a frontier cyber model has now been assessed as a material step up in capability, and recent public reporting suggests the surrounding ecosystem for sharing and acting on AI-discovered cyber findings is already widening. For businesses that run plants, pipelines, ports, mines, refineries, utilities and other operational technology (OT)-heavy operations, that changes the risk environment now, not only if Mythos itself is broadly released.
The legal problem is timing. OT estates already carry exposure through long-lived assets, legacy controllers, bespoke engineering workstations, remote vendor access, shared dependencies and imperfect network segregation. What Mythos-class models change is the speed and scale at which vulnerabilities can be found, chained together and weaponised. In enterprise IT, faster patching is difficult. In OT, it may be impossible without testing, outage windows or safety review. In that sense, Mythos is not just an AI issue. For OT-heavy sectors, it is a safety, continuity and governance issue.
Why OT-heavy sectors are different
Mythos-class capability is most concerning where assets are hard to patch, hard to replace and hard to stop. Many OT environments still depend on legacy components, unsupported software, vendor-maintained appliances and bespoke integrations that cannot be remediated on the same timetable as ordinary IT. The challenge is not simply more vulnerabilities. It is more urgent decisions about which assets can be patched, which must be isolated, which require compensating controls, and when production curtailment or shutdown becomes the safer course.
Project Glasswing reinforces that point. Beyond signalling that major software and infrastructure providers are likely to surface defects more quickly, public reporting suggests that vulnerability identification, coordination and remediation activity is already accelerating, and that relevant threat findings may move beyond the original cohort of participants. OT-heavy companies should therefore assume that critical vulnerabilities, patch pressure and exploit-relevant knowledge may move across supplier and sector ecosystems faster than ordinary governance, change control and outage planning can absorb.
Existing duties, compressed timeframes
Mythos does not create a new Australian legal regime. It raises the practical standard expected under existing ones.
For responsible entities under the Security of Critical Infrastructure Act 2018 (Cth), the Critical Infrastructure Risk Management Program (CIRMP) framework already requires material cyber and supply chain risks to be identified and managed through a written program. In a Mythos-class threat environment, boards and legal teams should revisit whether their assumptions about exploit timing, supplier response, remote access, concentration risk and emergency authority remain realistic. For energy, water, freight and other high-risk asset classes, the direction of travel is toward more specific, more auditable resilience expectations.
Work health and safety (WHS) laws are equally important. In OT, a cyber weakness can become a threat to life, plant, environment or continuity of critical processes. Under model WHS principles, a person conducting a business or undertaking must manage health and safety risks so far as is reasonably practicable, and officers must exercise due diligence. That matters where patching is delayed, where a compensating control changes how plant is run, or where a supplier says remediation will require a long outage. WHS duties are not outsourced simply because the technology sits with an original equipment manufacturer (OEM), systems integrator or managed service provider.
The same timing problem engages directors’ and officers’ duties. After a serious incident, the question is unlikely to be whether the company achieved perfect cyber security. It is more likely to be whether the board had a defensible governance framework, received OT-specific reporting, funded the right remediation, set clear escalation thresholds and authorised timely action once the risk changed. Minutes, decision logs and board papers matter more in a world where a vulnerability can move from theoretical to operational in hours.
Supply chain and contracting
Mythos-class models also magnify OT supply chain risk. A weakness in a common vendor component, remote access product or shared software library can create simultaneous exposure across multiple sites. That matters particularly where OEMs, integrators and managed service providers sit in the same vulnerability-disclosure chain: a defect found upstream may trigger simultaneous patching, containment and remote-access decisions across many customers running similar assets, including assets that cannot be taken down on the vendor’s preferred timetable. Yet many OT contracts were not drafted for machine-speed vulnerability discovery or for the expanded vulnerability management and compensating control obligations that may follow.
A distinct OT supply-chain issue is the way OEMs and technical vendors increasingly bundle internet connectivity, cloud analytics, licence validation and remote maintenance into the product itself. Recent Australian Signals Directorate OT guidance warns that vendor architectures requiring direct internet connectivity from critical OT, persistent inbound remote access or ongoing dependence on the vendor’s path into the environment materially increase exposure and can undermine the owner’s ability to isolate and recover. In a Mythos-class threat environment, that model becomes more acute: a defect in a common gateway, remote access appliance, embedded library or vendor workflow can be discovered and weaponised at machine speed across many customers at once. The legal and contractual question is therefore not only whether the vendor is secure, but whether the asset can be run, segmented, patched and safely disconnected on the customer’s terms if the vendor connection must be cut immediately.
Clients should review whether critical supplier contracts provide rapid vulnerability notification, visibility over affected versions, embedded software and dependencies, cooperation on emergency workarounds, rights to isolate or suspend remote access, brokered and just-in-time access requirements, forensics and log-preservation support, audit rights, subcontractor visibility, and clear responsibility where AI-assisted tools are used in diagnostics, code review or patching. Rights to use local support, add compensating controls and avoid warranty prejudice also deserve attention.
The same discipline should apply to defensive AI tooling. If a tool is given access to OT diagrams, source code, logs or historian data, clients should be clear on data use, retention, confidentiality, model training boundaries, human validation and exit rights.
What boards and GCs should ask now
- Which OT assets are genuinely crown-jewel assets, and which of those are hardest to patch or recover?
- When a critical vulnerability is announced, who can approve containment steps, emergency change windows, regulator engagement, insurer notice, production curtailment or shutdown before the ordinary governance cycle catches up?
- Where do current contracts leave the business blind or slow: supplier notification, dependency visibility, remote access control, evidence preservation or emergency remediation rights?
- What metrics is the board seeing that matter in an OT environment: patch latency for critical assets, unsupported systems, compensating controls, recovery time and supplier concentration?
- Have cyber, legal, operations and safety teams rehearsed the scenario where the most legally defensible response is controlled isolation or temporary shutdown?
- For critical OT systems, how long can the business safely operate if the system is disconnected from the network?
For OT-heavy sectors, Mythos is best understood as a timing shock to existing legal obligations. The right question is not whether Mythos itself will be the model used against you. It is whether your governance and operational decision making are built for a world in which critical defects are found, shared and acted on at a speed that OT estates often struggle to match.