Francesca Roche sits down with Shimon Tolts, Co-founder and CEO at Copperhelm, to discuss how the US government’s decision to restrict access to Anthropic’s Mythos mode did something that had simply never happened before.
“We never had a government ban technology that was already there,” he says.
“Like closing a SaaS — you can no longer use this functionality.”
For Tolts, that moment crystallized a risk that enterprises have been quietly accumulating: deep dependency on AI infrastructure they have no control over.
Copperhelm, the agentic cloud security platform, was itself affected. Mid-build on solutions leveraging Mythos, and a participant in Anthropic’s cyber validation programme, the company found itself having to pivot fast.
That experience shapes his advice to enterprise security teams: assume any model can disappear, and build accordingly. A multi-model approach isn’t a nice-to-have — it’s operational hygiene.
But the Mythos episode is just one thread in a much larger tension Tolts unpacks. AI-driven offensive security is accelerating attack timelines in ways that are fundamentally reshaping what good security practice looks like.
The window between a vulnerability being exposed and an exploit being developed has compressed to roughly one day.
That shift, he argues, is forcing a dramatic change in posture — from risk management to what boards are now calling “zero risk,” particularly on external-facing assets.
What makes that demand achievable — just barely — is the kind of AI-native, agentic infrastructure Copperhelm has built from the ground up. Tolts is pointed about what that means in practice: bolt-on AI doesn’t cut it.
“It’s like taking a Ferrari engine and putting it in a Fiat,” he says.
The real work is in building context-aware systems that can filter the noise — and his figures on how much of that noise there actually is are striking.
He also touches on a mindset shift he’s witnessing in real time among CISOs, who as recently as February were refusing to consider autonomous remediation — and are now actively asking for it.
The Mythos fallout, he suggests, has accelerated a reckoning that was already coming.
For security leaders trying to get ahead of a threat landscape that is moving faster than their tooling, this is a candid, practitioner-level perspective worth watching.
