Sitharaman, Mythos & Indian Banks: What CISOs Should Do

By Pawan Sharma  ·  Published 25 Apr 2026  ·  Cybersecurity  ·  18 min read

On 23 April 2026, Finance Minister Nirmala Sitharaman convened bank chief executives, regulators and IT Minister Ashwini Vaishnaw in an unscheduled meeting. The trigger: Anthropic's Claude Mythos — an AI model that autonomously found a 27-year-old OpenBSD vulnerability and thousands of zero-day flaws in every major operating system and web browser. Indian institutions are outside the controlled-access ring. This is what every Indian CISO should do this week — and the multi-layered defence Ogma already operates for Indian enterprises.

Key figures at a glance:

  • Meeting date: 23 Apr 2026 (FM + bank CEOs + RBI + MeitY)
  • Oldest bug Mythos found: 27 years (OpenBSD SACK implementation)
  • Glasswing budget: $100M + $4M (usage credits + OSS donations)
  • Partner orgs: 12, 0 Indian (Big Tech only; India outside ring)
  • AISI test pass rate: 73% (expert-level CTF, UK AISI eval)

Note on framing: Mythos itself is gated. The realistic risk is not Mythos directly attacking your network this week — it is the capability proliferation Sitharaman is preparing the system for. AI-augmented offensive tooling is already in criminal hands at lower capability levels. The window to harden Indian BFSI is now.


What FM Sitharaman Actually Said

The FM convened the meeting on the afternoon of 23 April 2026. RBI officials, the Indian Banks' Association (IBA), CEOs of major public and private sector banks, IT Minister Ashwini Vaishnaw, and senior CERT-In leadership attended. Two direct quotes from her, reported in Business Today:

"The new challenge, which is coming in the name of Mythos, about which not much is known, not very many people have tested or tried."

— FM Nirmala Sitharaman, 23 Apr 2026 meeting, via Business Today (24 Apr 2026)

"We need something new and something far more versatile to be able to counter the newer threats which are likely to come."

— FM Nirmala Sitharaman; same meeting

She characterised the threat as "unprecedented and requires a very high degree of vigilance, preparedness and better coordination across financial institutions and banks." The meeting concluded with three operational directives, per Hans India:

  • Real-time threat-intelligence sharing among banks, CERT-In and security agencies
  • Finance Ministry + RBI threat assessments on AI-driven cyber risk to banking infrastructure
  • IBA to develop a coordinated response framework for AI-augmented attacks

What Mythos Actually Does — Verbatim From Anthropic

Anthropic's Claude Mythos Preview disclosure (Anthropic Red, April 2026) and the Project Glasswing announcement describe a model designed for general intelligence that turned out to be unusually strong at offensive cyber. The capability claims, in Anthropic's own words:

Vulnerability discovery at scale

Anthropic verbatim: "Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser." Examples Anthropic names: a 27-year-old flaw in OpenBSD, a 16-year-old vulnerability in FFmpeg, multiple Linux kernel vulnerabilities chained together.

Validation: human reviewers agreed with the model's severity rating in 89% of 198 reviewed cases. Over 99% of the vulnerabilities found are unpatched.

Fully autonomous exploit development

Anthropic verbatim: "It was able to identify nearly all of these vulnerabilities — and develop many related exploits — entirely autonomously, without any human steering."

Example: FreeBSD NFS remote code execution (CVE-2026-4747): "no human was involved in either the discovery or exploitation of this vulnerability after the initial request to find the bug." Engineers "with no formal security training" requested exploits overnight and had "woken up the following morning to a complete, working exploit."

Multi-stage attacks & sandbox evasion

Anthropic verbatim (chains): Linux privilege escalation chained "two, three, and sometimes four vulnerabilities" to achieve root. Browser attacks used a "JIT heap spray" that "escaped both renderer and OS sandboxes."

Independent verification came from the UK AI Safety Institute (AISI) evaluation published 13 April 2026. AISI tested Mythos against expert-level CTF challenges and a 32-step corporate-network attack simulation called "The Last Ones" (TLO).

Mythos Preview passed expert-level CTF challenges 73% of the time and was the first model to complete the 32-step TLO corporate-attack simulation, succeeding in 3 out of 10 attempts and averaging 22 of 32 steps. For comparison, Claude Opus 4.6 averaged only 16 steps. AISI's recommendation: "investment now in cyber defence is vital."

Source: UK AISI evaluation (13 Apr 2026)

Why Sitharaman Convened the Meeting: The Glasswing Asymmetry

Anthropic chose not to release Mythos generally. Instead it set up Project Glasswing — a controlled-access programme in which a small ring of organisations gets early access to use the model defensively. The full partner list, per Anthropic:

Project Glasswing partners (12 organisations): Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks.

Zero Indian institutions are inside the ring. One US bank (JPMorganChase) sits at the table; SBI, HDFC, ICICI, Kotak, Axis and the public-sector bank chiefs Sitharaman convened on 23 April are all outside. So is RBI. So is every Indian regulator and every Indian SI. That is the gap the FM is reacting to.

Anthropic's framing is honest: "we believe that powerful language models will benefit defenders more than attackers" long-term, but "the transitional period may be tumultuous." Sitharaman's meeting is an Indian regulator preparing for that transitional period without inside access.


The Realistic Threat Model — Today, Not Tomorrow

Mythos is gated. But there is already a thriving market for AI-augmented offensive tooling at lower capability tiers — fine-tuned open models for vulnerability triage, agentic frameworks for autonomous reconnaissance, and the criminal stealer-log + ransomware ecosystem we covered in our recent FortiRecon Dark Web Field Guide.

For an Indian bank in 2026, the realistic Mythos-class threat model is:

  1. Capability proliferation. Open-weights models trained on vulnerability research will catch up to a fraction of Mythos's capability over the next 6-18 months. Even 10% of Mythos's CTF pass rate is dangerous.
  2. Asymmetric exposure. 99%+ of vulnerabilities Mythos found are unpatched. Once any subset leaks, the asymmetry between any one attacker holding pre-disclosure intel and the rest of the world racing to patch is massive.
  3. Existing capability is enough. CERT-In's CIAD-2025-0018 advisory (June 2025) flagged 16 billion exposed credentials, "predominantly acquired through info stealer malware attacks." Indian banks already face daily probes from much less sophisticated tooling.
  4. Compliance pressure. RBI, SEBI CSCRF and DPDPA 2023 don't care whether the breach was caused by AI or a malicious insider. Detection, breach notification timelines and audit evidence still apply.

The right answer is not to wait for a Mythos-specific defence. It is to harden the layers that any Mythos-class attack would have to traverse. That defence already exists — and Ogma already operates it for Indian enterprises today.


The Multi-Layered Defence Indian Banks Need (And Ogma Already Operates)

A Mythos-class threat — autonomous discovery, autonomous exploit, multi-stage chains, sandbox evasion — has to traverse five operational layers to land a successful breach. Each layer is independently auditable. Ogma runs all five as managed services for Indian BFSI, manufacturing and government clients today.

01 · Threat Intelligence — see the attack before it lands (Layer: External)

If Mythos-class exploits reach criminal markets ahead of public disclosure, the leak shows up first on stealer-log markets, ransomware leak sites, dark-web forums, Telegram criminal channels and code-repo dumps. Catching the early signal — leaked credentials, exposed cloud buckets, brand-impersonation campaigns, ransomware blog mentions of your sector — is the first line.

What Ogma operates: FortiRecon Adversary-Centric Intelligence + Dark Web Monitoring + the Ogma Threat Intel feed with 1.4M+ live IOCs from 40+ sources, plumbed into FortiGate EBL, Palo Alto EDL, FortiSIEM, Microsoft Sentinel and Splunk via tokenised feed URLs. FortiRecon was named Overall Leader in the 2025 KuppingerCole Leadership Compass for Attack Surface Management.

02 · Vulnerability Assessment — close the bugs before any AI finds them (Layer: Internal exposure)

If Mythos can find a 27-year-old OpenBSD bug, your unpatched 8-year-old appliance is trivial. The defence is straightforward: continuous internal and external VA, with results turning into closed remediation tickets — not Excel spreadsheets that get refreshed every quarter.

What Ogma operates: Managed Vulnerability Assessment using OpenVAS / Tenable, with a single-container sensor (Sensor v3) deployable inside the customer network in 10 minutes. Multi-format compliance reporting (RBI, SEBI CSCRF, PCI DSS, ISO 27001, DPDPA, CERT-In) generated automatically. Remediation tracking with sign-off captures who deployed the fix, what the fix was, and the date, auditable straight out of the platform.

03 · Firewall Configuration Audit — close the misconfigurations that amplify any zero-day (Layer: Network policy)

Most Mythos-class breaches need a way out as well as a way in — exfiltration, lateral movement, callback to C2. A FortiGate / Palo Alto / Check Point with default-deny outbound, segmented zones, application-layer egress filters and explicit DNS-tunnel detection turns a zero-day into a contained incident. A misconfigured firewall turns it into a board-level event.

What Ogma operates: Quarterly firewall configuration audit against CIS, NIST and vendor-recommended baselines. Issues triaged, remediated and re-audited. Includes Sophos PG-dump support for clients on Sophos. Output is an evidence package the auditor accepts.
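As an added illustration of the egress controls this layer describes (example code written for this article, not Ogma's audit tooling and not any vendor's export format), the script below audits a constructed, vendor-neutral policy table for a final default-deny outbound rule, open any/any egress, and DNS allowed to anything other than approved resolvers; the field, zone and object names are assumptions.

```python
# Added example, not Ogma's tooling: audit a constructed, vendor-neutral policy
# export for the egress controls the text lists. Names are assumptions.
from dataclasses import dataclass

@dataclass
class Policy:
    seq: int        # evaluation order in the policy table
    src_zone: str   # "lan", "servers", "wan" or "any"
    dst_zone: str
    service: str    # "ALL", "HTTPS", "DNS", ...
    dst: str        # "any" or an address-object name
    action: str     # "accept" or "deny"
INTERNAL_ZONES = {"lan", "servers", "any"}           # assumed zone names
APPROVED_RESOLVERS = {"corp-dns-01", "corp-dns-02"}  # assumed address objects
def audit_egress(policies, egress_zone="wan"):
    """Findings for outbound (internal -> egress) rules: (1) explicit deny-all as the
    last outbound rule, (2) no accept of ALL to any (open egress), (3) DNS accepted
    only towards approved resolvers (anything else is a DNS-tunnel path)."""
    outbound = sorted((p for p in policies
                       if p.src_zone in INTERNAL_ZONES and p.dst_zone == egress_zone),
                      key=lambda p: p.seq)
    if not outbound:
        return ["no outbound policies found; implicit behaviour is vendor-specific"]
    findings = []
    last = outbound[-1]
    if not (last.action == "deny" and last.service == "ALL" and last.dst == "any"):
        findings.append("no explicit default-deny outbound rule at end of table")
    for p in outbound:
        if p.action != "accept":
            continue
        if p.service == "ALL" and p.dst == "any":
            findings.append(f"policy {p.seq}: accepts ALL to any from {p.src_zone}")
        if p.service == "DNS" and p.dst not in APPROVED_RESOLVERS:
            findings.append(f"policy {p.seq}: DNS allowed to '{p.dst}', not an approved resolver")
    return findings
# Constructed 'before' export with the misconfigurations the text warns about
WEAK = [
    Policy(1, "lan", "wan", "HTTPS", "any", "accept"),
    Policy(2, "lan", "wan", "DNS", "any", "accept"),      # DNS to anywhere
    Policy(3, "servers", "wan", "ALL", "any", "accept"),  # open egress
    Policy(4, "wan", "lan", "ALL", "any", "deny"),        # inbound; not audited here
]
# Constructed 'after' export: same business intent, controls in place
HARDENED = [
    Policy(1, "lan", "wan", "HTTPS", "any", "accept"),
    Policy(2, "lan", "wan", "DNS", "corp-dns-01", "accept"),
    Policy(3, "servers", "wan", "HTTPS", "any", "accept"),
    Policy(9, "any", "wan", "ALL", "any", "deny"),        # explicit default-deny outbound
]
```

Running `audit_egress(WEAK)` returns three findings and `audit_egress(HARDENED)` returns none; a real audit would also need the vendor's implicit-deny semantics and application-layer filters, which this table does not model.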

04 · Breach & Attack Simulation — assume the breach, prove the kill chain holds (Layer: Validation)

Layers 1-3 reduce attack surface. BAS validates whether the controls actually work against a realistic adversary. Continuous, MITRE ATT&CK-mapped simulations test what the EDR catches, what the SIEM correlates, what the SOC actually responds to — every week, not once a year during an audit.

What Ogma operates: Managed BAS service on MITRE Caldera at 10.10.116.53. Continuous emulation of TTPs from active ransomware affiliates (LockBit, Akira, Cl0p, Play) and AI-augmented attack patterns published by FortiGuard Labs. Mapped to MITRE ATT&CK, reported to your CISO weekly.

05 · 24×7 SOC with AI-assisted remediation — when something does land, contain it in minutes (Layer: Detection & response)

The Mythos AISI evaluation showed that multi-stage attacks which take a human professional 20 hours can be compressed by AI. Defenders need symmetric compression: AI-assisted triage (FortiAI, custom playbooks), pre-built incident-response automation, and 24×7 human analysts who understand the Indian business-hours context.

What Ogma operates: 24×7 Managed SOC on FortiSIEM with AI-assisted triage, FortiSOAR playbooks for automated containment (account disable, network isolation, IOC blocklist push), and Indian business-hours analyst coverage. Integrates directly with all 4 layers above. DPDPA / CERT-In 6-hour breach-notification ready.

None of this is hypothetical. Every layer is operational; every layer has Indian BFSI, manufacturing and government clients depending on it. The IBA's "coordinated response framework" the FM asked for is, at the practitioner level, exactly this stack — operating across an enterprise, plumbed together so external threat intel triggers internal scans, triggers SOC triage, triggers automated response.


A 7-Day Mythos-Readiness Checklist for an Indian CISO

You will not stand up a five-layer defence in seven days from cold. But you can verify the foundations, find the worst gaps, and have an evidence package ready when RBI or your board asks the question that's coming this week.

Day 1: Inventory your external attack surface

List every internet-exposed asset under your AS number — domains, subdomains, IPs, cloud workloads, third-party SaaS. Mythos finds what you forgot you had. A continuous EASM tool (FortiRecon, BitSight, equivalent) does this in hours.

Day 1-2: Run a free dark-web exposure scan

Pull every employee email domain and key brand keywords through a dark-web scan. If credentials, source code or executive impersonations are already out there, you need to know before a Mythos-class attacker does.

Day 2-3: Patch the publicly-known critical CVEs you've been deferring

Pull your most recent VA report. Filter to KEV (CISA Known Exploited Vulnerabilities) + CVSS >= 7. Ship them this week. Mythos-class tooling makes deferring "moderate" CVEs an unacceptable risk position.

Day 3-4: Audit firewall egress controls

Default-deny outbound, segmented zones, application-layer filtering, DNS tunnel detection. If an unpatched zero-day lands, what stops the C2 callback? Walk this with a senior network engineer.

Day 4-5: Run a BAS test of your top-5 detection rules

Pick the 5 detection rules you would bet your job on. Run a Caldera or AttackIQ test against each. If any fail, that's a weekend project, not a quarter project.

Day 5-6: Validate the SOC kill-chain end-to-end

Coordinate with your SOC: simulate a credential leak alert. Stopwatch the time from alert generation to credential rotation. If it's longer than 60 minutes for a critical asset, that's the bottleneck a Mythos attack will exploit.

Day 6-7: Document for the board

Prepare a 1-page brief for your audit committee: what Mythos is, why it matters, what your current posture is across the 5 layers, where the gaps are, what funding closes them. The IBA framework is coming; have your answer ready before they ask.
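For the Day 2-3 step, an added example (written for this article, not Ogma's platform code) that applies the "KEV or CVSS >= 7" rule to a VA export and orders what ships first. The CSV layout, asset names and KEV subset are constructed, and the CVE IDs are placeholders rather than real catalogue entries.

```python
# Added example, not Ogma's platform code: turn a VA export into the ordered
# patch list the Day 2-3 step asks for. Input format, asset names and the KEV
# subset are constructed; CVE IDs are placeholders, not real catalogue entries.
import csv
import io

KEV_CATALOGUE = {"CVE-XXXX-0001", "CVE-XXXX-0002"}  # placeholder KEV subset

# Constructed VA export: one finding per row
VA_EXPORT = """asset,cve,cvss,internet_exposed
vpn-gw-01,CVE-XXXX-0001,6.5,yes
core-db-02,CVE-XXXX-0003,9.8,no
web-01,CVE-XXXX-0004,7.2,yes
hr-portal,CVE-XXXX-0005,5.3,yes
branch-fw-07,CVE-XXXX-0002,8.1,yes
"""

def triage(va_csv, kev, cvss_threshold=7.0):
    """Split a VA export into (ship_this_week, may_defer).

    Selection follows the checklist: in KEV or CVSS >= threshold. KEV membership
    wins even below the threshold (vpn-gw-01 at 6.5 still ships). ship_this_week
    is ordered KEV first, then internet-exposed assets, then CVSS descending."""
    ship, defer = [], []
    for r in csv.DictReader(io.StringIO(va_csv)):
        row = {"asset": r["asset"], "cve": r["cve"], "cvss": float(r["cvss"]),
               "kev": r["cve"] in kev, "exposed": r["internet_exposed"] == "yes"}
        (ship if row["kev"] or row["cvss"] >= cvss_threshold else defer).append(row)
    ship.sort(key=lambda r: (not r["kev"], not r["exposed"], -r["cvss"]))
    return ship, defer

if __name__ == "__main__":
    ship, defer = triage(VA_EXPORT, KEV_CATALOGUE)
    for r in ship:
        tag = "KEV" if r["kev"] else "CVSS"
        where = "exposed" if r["exposed"] else "internal"
        print(f"{tag:4} {r['cvss']:4} {where:8} {r['asset']} {r['cve']}")
    print("may defer:", [r["asset"] for r in defer])
```

On the sample export the order comes out as branch-fw-07, vpn-gw-01, web-01, core-db-02, with hr-portal the only row that may wait; the ordering tie-breakers are an assumption, not part of the checklist.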


✅ Key Takeaways

  1. FM Sitharaman's 23 April 2026 meeting is a regulatory signal, not an emergency. The threat is preparedness for capability proliferation, not a Mythos-specific attack this week.
  2. Mythos's verified capabilities (Anthropic + AISI) are unprecedented: 73% expert-CTF pass rate, autonomous chained-vulnerability exploitation, 27-year-old bug discovery. The class of capability is here regardless of who has access.
  3. Project Glasswing's 12 partners include zero Indian institutions. India is preparing without insider access — which is exactly why the IBA framework matters.
  4. The right defence is the multi-layer stack you already know: TI → VA → firewall config → BAS → 24×7 SOC. Every layer is independently auditable; every layer reduces a different attack vector.
  5. Ogma already operates all five layers as managed services for Indian BFSI, manufacturing and government clients. Authorised Fortinet partner, NSE7-certified engineers, Indian business hours, India-context tuning.
  6. This week's CISO playbook is concrete: inventory, dark-web scan, patch known-exploited CVEs, audit firewall egress, BAS your top-5 detections, validate SOC kill-chain time, brief the board.

🛡️ Multi-layer defence · India-ready

We already operate the defence Sitharaman is asking for.

FortiRecon-powered threat intelligence. Managed VA with sensor v3. Firewall configuration audit. MITRE Caldera-based BAS. 24×7 FortiSIEM SOC with FortiSOAR-automated remediation. All five layers, plumbed together, operating today for Indian BFSI and enterprise clients. Get a free posture review and a written gap analysis within 5 working days.


Or read our recent deep-dive: FortiRecon Dark Web Field Guide 2026 — 3,700 words, 30+ official sources, walks through what is actually on the dark web in 2026.
