The cybersecurity treadmill has a speed limit. AI is blowing past it.

By Micah Steffenson, Portfolio Manager, Idaho National Laboratory

Micah Steffenson cybercore critical function assurance

We built the digital world for efficiency, not conflict. We connected every critical system — power grids, water systems, financial networks, hospital infrastructure — because it was more efficient than the alternative. The security trade-offs were real, but they were deferred. For decades, that deferral felt manageable. It no longer does.

Anthropic recently disclosed that its Claude Mythos Preview model has already found thousands of high-severity vulnerabilities across every major operating system and web browser, surpassing all but the most skilled human hackers. The disclosure prompted Anthropic to launch Project Glasswing, an emergency coalition of major technology and security firms to address the risk frontier AI models pose. What Mythos Preview and Project Glasswing are really telling us is that the doctrine of intra-domain superiority, the assumption that we can contest the digital environment skillfully enough to stay ahead of determined adversaries, has a ceiling, and we may be approaching it faster than anyone expected.

Intra-domain superiority is a treadmill. AI just made it faster.

For three decades, cyber attackers and defenders have traded escalating blows. Each time attackers gained the upper hand (ex. botnets, polymorphic exploit code, supply chain infiltration, living-off-the-land techniques), defenders adapted and held the line. Historically impressive, this repeating pattern of offense innovates and defense catches up has depended on the gap remaining closeable. AI is challenging that assumption in ways previous advances did not.

The “Defend Forward” doctrine, first articulated in the 2018 U.S. Department of Defense Cyber Strategy. It has since extended across diplomatic, economic, informational, and military instruments of national power, reflects the mature form of this intra-domain logic: contest the domain persistently rather than waiting to be attacked. It is the right instinct, and the work being done by U.S. government and private-sector organizations that have adapted it is serious and consequential. It is also, on its own, no longer enough.

Capabilities that once required nation-state resources and months of careful reconnaissance can now be compressed, automated and placed in far more hands. Project Glasswing is an acknowledgment of exactly this: a capability gap opened so fast it required an emergency coalition response before the model was even released. Contesting the digital domain doesn’t resolve that tension — it sustains it, at accelerating cost.

The profit motive compounds the problem.

The organizations most exposed to cyber-enabled sabotage like energy, water, transportation, healthcare and finance, are also those with the strongest short-term incentives to stay maximally connected. Digital integration is cheap, scalable and margin friendly. Security is none of those things. Resilience, in particular, is nearly impossible to quantify until the precise moment you desperately need it, which is why it gets deferred. Industry integrated digital control into our most critical functions not because we carefully weighed the trade-offs, but because it was efficient. The seeds of vulnerability were planted in the same soil as the seeds of productivity. Mythos Preview suggests the harvest is arriving.


The answer exists. We need to pursue it.

Intra-domain defense like Defend Forward remains necessary. But the world also needs a strategy for reducing what adversaries can reach in the first place. Extra-domain architectural defense means deliberately limiting the exposure of critical functions to a contested digital environment, rather than assuming those functions can be adequately protected within it.

This is not a novel concept. For more than a decade, researchers at the Idaho National Laboratory have advocated redesigning the architecture of digitally controlled critical infrastructure to reflect the actual threat environment. Methodologies like Cyber-Informed Engineering and INL’s Consequence-driven Cyber-informed Engineering offer a rigorous framework for doing exactly that — identifying the functions that cannot fail, understanding precisely how they are delivered, and engineering the most catastrophic failure modes out of digital reach. The goal is not to disconnect systems wholesale, but to ensure that the consequences, no matter how sophisticated the attack, remain bounded.

The economics increasingly support this path. As intra-domain defense costs climb — more tooling, more analysts, more continuous monitoring, more incident response — the relative cost of architectural redesign has grown more competitive. For critical infrastructure operators weighing open-ended defensive spending against a one-time investment in consequence-limiting design, the calculus is shifting.

Staying on the treadmill is itself a bet — and the odds are worsening.

Functions that cannot fail should not depend entirely on winning a continuous contest within a domain where the adversary’s capabilities are AI-enabled. The more defensible posture asks not only how to fight better in a contested digital space, but whether the most critical functions can be delivered in ways that reduce their exposure to it. That requires honest answers to uncomfortable questions: What are we actually protecting? How is it actually delivered? And are the assumptions built into that delivery still sound?

Project Glasswing may buy time. It will not change the underlying dynamic. The same responsibility that led Anthropic to disclose Mythos Preview’s capabilities before deployment now falls to the policymakers and operators responsible for critical infrastructure: to look clearly at what has been built and whether it can survive what is already arriving.

The treadmill will not stop. But we do not have to keep designing our most critical systems as though it will.

About the Author
Micah Steffenson is portfolio manager for critical function assurance and cyber-enabled sabotage research at Idaho National Laboratory. Read More >

About Idaho National Laboratory
Battelle Energy Alliance manages INL for the U.S. Department of Energy’s Office of Nuclear Energy.