When Bain’s strategic analysis of Claude Mythos lands on a single recommendation, it is this: organisations should roughly double their cybersecurity spending. The ten per cent annual uplift most UK boards have pencilled in for 2026 and 2027 is not a stretched budget. It is a miscalibration. Frontier AI has not created new vulnerabilities. It has made existing ones, accumulated over decades of underfunding, exploitable at a speed that dissolves the old defence calculus.

The real story

Strategic Reality: AI does not invent new attack surfaces. It finds and exploits the surfaces organisations already chose not to patch. That is a governance problem disguised as a technology problem.

Claude Mythos — Anthropic’s restricted-release model sitting above Claude Opus — can chain multiple vulnerabilities, reconstruct source code from deployed binaries, and autonomously map systems within hours. Work that previously took specialist teams weeks now resolves inside an afternoon. OpenAI’s GPT-5.4-Cyber and Google’s Big Sleep demonstrate comparable capabilities. Adversarial equivalents either exist or are imminent.

Anthropic’s internal research identified thousands of zero-day vulnerabilities using a Mythos preview across operating systems and browsers, including flaws that survived decades of human review. Yet independent testing by the UK AI Security Institute confirmed that Mythos cannot reliably execute autonomous attacks against organisations with well-hardened defences. Foundational practices still work. The gap is that most organisations do not have them.

Critical numbers

Metric | Figure | Implication for UK boards
------ | ------ | -------------------------
Average cybersecurity spend | ~0.69% of revenue | Below the level current threat models assume
Typical planned annual increase | ~10% | Insufficient by roughly a factor of two
Organisations hit by an AI-powered attack in past year | 87% (SoSafe) | Baseline, not exception
Average global breach cost | $4.4m (IBM) | $10.22m in the US; UK sits between
FBI IC3 reported losses, 2025 | $21bn | +26% year-on-year
Credential abuse share of breach entry | 22% (Verizon) | Identity is the front door

What is really happening

The shift is not about one model being released. It is about a class of capability becoming commercially available: infinite context windows over entire codebases, recursive self-correction until an attack succeeds, native tool integration that lets a model launch debuggers and containers on its own. Every unpatched legacy system that once enjoyed protection through obscurity and complexity now sits within reach of an agentic model that treats obscurity as a puzzle rather than a deterrent.

Critical Context: Legacy system complexity is no longer a shield. What used to take a specialist weeks now takes a model hours. Risk calculations that deferred investment on the basis of high exploitation effort no longer hold.

For operational technology environments — energy, water, transport, manufacturing — the consequences are acute. Industrial control systems built for reliability, often running code that cannot be patched, were tolerable when discovering their flaws required deep expertise and patient effort. That tolerance has ended.

What success actually requires

The Bain analysis and the UK AISI testing converge on the same point: well-hardened defences still work. The friction is that “well-hardened” is a high bar most organisations do not meet. Success is not about procuring a new category of AI-defence tool. It is about finishing the cybersecurity basics that have been deferred for a decade:

  • Automated patching at AI-attack speed, not quarterly release cycles
  • Zero trust architecture replacing perimeter-based trust models
  • Anomaly detection tuned for behaviour rather than signature
  • Phishing-resistant multifactor authentication, which Verizon data suggests prevents over 99% of identity-based attacks
  • Modernised identity controls and reduced legacy technical debt
  • Supply chain defences that extend beyond the organisation’s own estate

The human factor

Board underinvestment in cybersecurity is rarely accidental. It reflects a decade of trade-offs where cybersecurity lost out to digital transformation, growth initiatives, and — in many listed UK firms — shareholder return. Those trade-offs were defensible under the previous risk model. Under AI-collapsed attack costs, they are not.

Hidden Cost: The real cost of historical underinvestment is not the breach itself. It is the accumulated technical debt that now has to be addressed under time pressure, with reduced optionality, at higher cost than if it had been paid down steadily.

Stakeholder impact

Stakeholder | What changes | What is required
----------- | ------------ | ----------------
Board | Cybersecurity becomes a recurring agenda item, not an annual review | Direct accountability for spending trajectory
CISO | Shift from perimeter defence to behaviour-based, AI-assisted response | Authority to mandate foundational fixes without negotiation
CFO | Cybersecurity spend reclassified from cost centre to capital preservation | Multi-year uplift modelled against regulatory exposure
Operational leaders | OT environments no longer operate on obscurity assumptions | Ringfenced investment in segmentation and OT-specific monitoring
Suppliers and partners | Extended attestation and contractual security requirements | Cascaded standards, not optional compliance
Regulators (NIS, FCA, SEC) | Board-level disclosure expectations hardening | Demonstrable, traceable governance

Success criteria

A UK organisation that has responded adequately to the new threat environment will show three observable signals within eighteen months. A cybersecurity budget trajectory heading toward doubling over three to four years. Board minutes demonstrating recurring, substantive engagement with the threat, not a once-a-year item. And evidence of foundational practice completion — patching automation, zero trust rollout, MFA coverage — rather than pilot schemes lingering in proof-of-concept.

Strategic recommendations

Sequence the investment

Doubling spend without fixing foundations produces expensive telemetry with no defensive improvement. Three phases make sense for most organisations.

Phase 1 (first 90 days): Honesty audit. Quantify the actual gap between current practice and foundational standards. Phishing-resistant MFA coverage, patching latency, segmentation maturity, identity hygiene. No new tooling purchases. This is about measurement, not spending.
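The Phase 1 audit is a measurement exercise, and the three gaps it names (phishing-resistant MFA coverage, patching latency, segmentation maturity) can be scored from an asset and identity inventory before any tooling is bought. The script below is an added example, not code from the Bain article or from Resultsense: it runs the audit over a small constructed inventory and compares the results with target thresholds that are illustrative assumptions, not figures from the source. The set of factor types treated as phishing-resistant (FIDO2/WebAuthn passkeys and certificate/PIV, but not SMS, TOTP or push prompts) follows the usual CISA/NIST classification.

```python
"""Phase 1 'honesty audit' scorecard.

Added example, not code from the Bain article or from Resultsense. Measures the
gaps the audit asks for (phishing-resistant MFA coverage, patching latency,
segmentation maturity) over a constructed inventory and compares them against
illustrative targets that are assumptions, not thresholds from the source.
"""
from dataclasses import dataclass
from datetime import date
from math import ceil
from typing import Optional

# Factor types generally classed as phishing-resistant. SMS, TOTP and push
# prompts are deliberately absent: they can be relayed by a phishing proxy.
PHISHING_RESISTANT = {"fido2", "webauthn", "passkey", "certificate", "piv"}


@dataclass
class Identity:
    user: str
    mfa_method: Optional[str]   # None means no MFA enrolled at all
    privileged: bool


@dataclass
class Asset:
    host: str
    patch_released: date             # date the vendor fix became available
    patch_installed: Optional[date]  # None means still unpatched
    segment: str                     # "flat" = reachable from the general user network
    ot: bool = False                 # operational technology device


def percentile(values, p):
    """Nearest-rank percentile: deterministic and honest on small audit samples."""
    ordered = sorted(values)
    rank = max(1, ceil(p / 100 * len(ordered)))
    return ordered[rank - 1]


def mfa_coverage(identities):
    """Percentage of identities on a phishing-resistant factor, overall and for privileged accounts."""
    def share(rows):
        if not rows:
            return 0.0
        hits = sum(1 for i in rows if i.mfa_method in PHISHING_RESISTANT)
        return round(100 * hits / len(rows), 1)
    return {"all": share(identities),
            "privileged": share([i for i in identities if i.privileged])}


def patch_latency(assets, as_of):
    """Days from fix availability to installation; unpatched hosts keep accruing latency up to as_of."""
    days = [((a.patch_installed or as_of) - a.patch_released).days for a in assets]
    return {"p50_days": percentile(days, 50),
            "p95_days": percentile(days, 95),
            "unpatched": sum(1 for a in assets if a.patch_installed is None)}


def segmentation(assets):
    """Share of hosts off the flat network, plus any OT devices still reachable from it."""
    segmented = [a for a in assets if a.segment != "flat"]
    return {"segmented_pct": round(100 * len(segmented) / len(assets), 1),
            "ot_on_flat": sorted(a.host for a in assets if a.ot and a.segment == "flat")}


def gap_report(identities, assets, as_of):
    """(metric, actual, target, met) rows. Targets are illustrative assumptions for this example."""
    mfa = mfa_coverage(identities)
    patch = patch_latency(assets, as_of)
    seg = segmentation(assets)
    return [
        ("phishing-resistant MFA, privileged accounts (%)", mfa["privileged"], 100.0, mfa["privileged"] >= 100.0),
        ("phishing-resistant MFA, all accounts (%)", mfa["all"], 90.0, mfa["all"] >= 90.0),
        ("patch latency p95 (days)", patch["p95_days"], 14, patch["p95_days"] <= 14),
        ("OT devices on flat network", len(seg["ot_on_flat"]), 0, not seg["ot_on_flat"]),
    ]


def unmet(report):
    """Names of the checks that failed, in the order they should be closed."""
    return [metric for metric, _actual, _target, met in report if not met]


# Constructed sample inventory (not real systems or people).
AS_OF = date(2026, 4, 30)
IDENTITIES = [
    Identity("alice", "fido2", privileged=True),
    Identity("bob", "totp", privileged=True),
    Identity("carol", "passkey", privileged=False),
    Identity("dave", "sms", privileged=False),
    Identity("erin", None, privileged=False),
    Identity("svc-backup", "certificate", privileged=True),
]
ASSETS = [
    Asset("web-01", date(2026, 3, 1), date(2026, 3, 4), "dmz"),
    Asset("app-02", date(2026, 3, 1), date(2026, 3, 15), "app"),
    Asset("db-03", date(2026, 2, 10), date(2026, 3, 20), "data"),
    Asset("hr-laptop-17", date(2026, 3, 1), date(2026, 3, 2), "flat"),
    Asset("plc-scada-1", date(2025, 11, 1), None, "flat", ot=True),
    Asset("hmi-2", date(2026, 1, 15), None, "ot", ot=True),
]

if __name__ == "__main__":
    for metric, actual, target, met in gap_report(IDENTITIES, ASSETS, AS_OF):
        print(f"{'OK  ' if met else 'GAP '} {metric}: {actual} (target {target})")
```

Run as-is, the constructed estate fails every check: privileged accounts are two-thirds covered rather than fully, p95 patch latency is driven by an unpatched controller rather than the servers that were fixed promptly, and an OT device sits on the flat network. That is the point of scoring unpatched hosts as still-accruing latency and reporting privileged coverage separately: averages over the whole estate hide exactly the gaps an agentic attacker would find first.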

Phase 2 (90–270 days): Foundational completion. Close the gaps the audit surfaced, in order of blast radius. Identity first, given it accounts for 22% of breach entry vectors. Then automated patching, then segmentation, then OT-specific controls.

Phase 3 (270+ days): AI-defensive layer. Only after foundational controls are demonstrably in place should budget be redirected to AI-assisted defence, war-room teams, and anomaly detection tuned to AI-attack behaviours.

Implementation Note: Organisations that skip Phases 1 and 2 and jump straight to AI-defensive tooling routinely find their new capabilities cannot operate effectively because the underlying estate is too noisy. Sequence matters more than speed.

Priority actions by maturity level

Low-maturity organisations (limited MFA, manual patching, weak segmentation): pause discretionary technology spending until the Phase 1 audit is complete. The highest-return action is not purchasing AI defence. It is finishing the basics.

Mid-maturity organisations (partial MFA, some automation, emerging zero trust): compress foundation completion to twelve months, establish a dedicated AI threat team by reallocating existing talent rather than hiring externally, and begin an OT environment assessment.

High-maturity organisations (comprehensive MFA, mature patching, zero trust in place): focus on supply chain cascading, behavioural anomaly detection, post-quantum readiness planning with a 2030 target, and active-defence exercises using AI-enabled red teams.

SME Advantage: Smaller UK organisations often have shorter decision paths, simpler estates, and fewer legacy systems. Translated correctly, this can mean a twelve-month path to well-hardened — faster than most enterprises can manage in three years.

Hidden challenges

1. The talent reallocation trap. The instinct when staffing AI threat war rooms is to hire externally. The Bain analysis and UK practice both suggest reallocating internal AI and cybersecurity talent works better. The hidden challenge: reallocation requires deprioritising other AI initiatives, which means telling business leaders their use cases are on hold. Most organisations lack the governance mechanism to make that trade-off cleanly.

Mitigation: establish explicit board-level authority for cyber-threat reallocation before the first crisis, not during it.

2. The OT investment paradox. Operational technology environments are precisely the ones where AI-enabled attacks are most dangerous and where additional investment is hardest to justify to existing operational leaders. ICS modernisation cycles run in decades, not quarters.

Mitigation: separate the OT security budget from operational budgets entirely. Governance, not engineering, is the blocker.

3. The regulatory lag. NIS2 applies to EU entities. The UK’s NIS Regulations and the FCA’s operational resilience framework cover parts of the UK landscape but are not yet tuned for AI-enabled attack scenarios. Organisations face a compliance gap: meeting current rules does not mean being defended.

Mitigation: set internal standards ahead of regulatory expectations. When rules catch up — and they will — the cost of retrofitting will exceed the cost of pre-emptive alignment.

4. The post-quantum distraction. Quantum-resistant cryptography is a 2030 concern that is real and legitimate. The risk is that it absorbs strategic attention and budget from the AI-attack problem that is operational now.

Mitigation: treat post-quantum as a parallel workstream with its own governance, not a substitute for AI-threat investment.

Reality Check: Most organisations will not fully double cybersecurity spending in a single year. The objective is a credible three-to-four-year trajectory that reaches that level, visible to boards, regulators, and insurers.

Strategic takeaway

The value of treating this moment seriously is not avoiding a single breach. It is repricing the entire risk category. Organisations that meet the new threat environment with foundational maturity have meaningfully reduced attack surface, lower insurance premiums, cleaner regulatory relationships, and the strategic freedom to adopt AI capabilities offensively — for their own business — because the defensive baseline is sound.

Three factors decide whether that outcome lands:

  1. Board-owned budget trajectory. The shift from a ten per cent annual uplift to a doubling path must be visibly and repeatedly discussed at board level. CISO advocacy alone is insufficient.

  2. Foundations before frontier. Phishing-resistant MFA, automated patching, and zero trust architecture must be substantially complete before AI-defensive tooling is procured.

  3. Internal reallocation over external hiring. The AI threat war room is staffed from existing AI and cybersecurity talent with explicit backing to deprioritise other work.

Next steps checklist

  • Commission a foundational-maturity audit within 90 days — not a vendor pitch
  • Establish a direct board reporting line on AI cyber threat posture
  • Map current MFA coverage, patching latency, and segmentation maturity
  • Identify internal AI and cybersecurity talent candidates for reallocation
  • Review OT environments against AI-enabled attack scenarios
  • Baseline current cybersecurity spend as a percentage of revenue
  • Model a three-to-four-year spending trajectory toward doubling
  • Cascade standards into supplier contractual requirements

Take Action: If your organisation’s cybersecurity spending trajectory for 2026 and 2027 is in the 8–12% range, the planning assumption needs revisiting this quarter, not at the next annual budget cycle.

Source citation

This analysis draws on Ford, F., Cousins, A., Ali, S. and Juegelt, A. (2026, April 21). Claude Mythos and the AI Cybersecurity Wake-Up Call. Bain & Company. Available at bain.com/insights/claude-mythos-and-ai-cybersecurity-wake-up-call.

Supporting data referenced in the source article: SoSafe AI Cyber Threat Report; UK AI Security Institute testing; Verizon Data Breach Investigations Report; IBM Cost of a Data Breach Report; FBI Internet Crime Complaint Center (IC3) 2025 Annual Report.

Resultsense translates AI developments into strategic guidance for UK professionals and businesses.