Terry Gerton In recent weeks, articles about Anthropic’s latest AI model, Mythos, have been making headlines—along with growing concerns about the dangers it might bring. When a tech firm restricts access to its own AI system due to fears it could be misused, that naturally raises eyebrows. But what does that kind of reaction suggest about the way AI tools like Mythos are reshaping the cybersecurity landscape?
Justin Miller The way I look at cybersecurity is through three lenses: people, processes, and technology. Right now, we’re reaching a point where—despite having highly skilled individuals working with advanced technology—we still need people who understand how to manage these systems responsibly. They must grasp the ethical and moral implications of what AI can do within the cyber world and what consequences that might bring. That means ensuring proper policies are in place, that governance is handled well, and that we have professionals in the field who keep us ahead of emerging threats while acting ethically and responsibly. That’s what I mean when I address this question.
Terry Gerton We’ll circle back to that in a moment, but I’d like to focus on the AI side first. Experts have long searched for software vulnerabilities, but what makes AI-powered tools like Mythos stand out when it comes to finding unknown flaws—and doing so quickly and at scale?
Justin Miller AI acts as a force multiplier when it comes to cybersecurity. A zero-day vulnerability is one that hasn’t been discovered yet—and that’s what makes it so dangerous. Traditional methods alone can’t keep up with how fast threats evolve. We need AI to help us detect those hidden weaknesses before they’re exploited. The faster we can identify these risks, the sooner we can respond. And that’s where AI becomes invaluable—as long as we’re using it for the right reasons and steering it toward ethical outcomes.
Terry Gerton It feels like we’ve reached a point where only AI can counter AI—because human minds simply can’t process information that quickly. So what’s the danger of an AI arms race?
Justin Miller The speed is the real game-changer. It dramatically speeds up how vulnerabilities can be turned into weapons—but it also accelerates how quickly we can find and defend against them. In practice, it’s becoming a battle of machine versus machine. The key is making sure our AI systems are trained more effectively than those of our adversaries—and that our policies and governance frameworks keep pace with the technology.
Terry Gerton Let’s return to the ethics question. In my simple view, offensive cyber work is done by bad actors, while the good ones focus on defense. But with these new AI-powered capabilities, who do you think is most likely to exploit them early—and why?
Justin Miller With my background, I tend to think about the worst-case scenarios. When it comes to AI in cybersecurity, it lowers the barrier for attackers—especially cybercriminals or hostile nations. It lets them launch more frequent and sophisticated attacks. But here’s what I’ve learned over time: we’re not just fighting lone hackers—we’re up against trained, practiced adversaries. Many students entering the field today aren’t exposed to these kinds of threats during their education. Once they enter the workforce and join organizations, they get real-world experience—but that on-the-job learning curve can be steep. I tell my students that landing a breach investigation role early is a lucky break—because nothing prepares you like facing actual attacks. There’s an old saying: everyone has a plan until they get punched in the mouth. That’s when the real learning begins. Being able to handle skilled, determined, and well-resourced enemies is exactly what we’re preparing our graduates for at the University of Tulsa—and every cybersecurity student and professional needs to keep training, keep adapting, because the threats they’ll face are serious, persistent, and backed by experienced, well-funded groups aiming to undermine U.S. interests.
Terry Gerton Justin Miller is an associate professor of cyber studies at the University of Tulsa. Mr. Miller, if attackers—as you described—are well-funded, organized, trained, and faster than ever, how should agencies and businesses change their approach to detecting threats, patching systems, and responding to incidents?
Justin Miller We need more hands-on, real-world training in the classroom. And we need to increase the intensity of that training. When our students return from internships or jobs in the industry, they often come back saying, “You sent us really talented people, but they struggle to explain technical details quickly under pressure.” That’s exactly what we’re working on: placing students at computers, giving them realistic exercises, and forcing them to communicate what they’re doing in real time. The goal is to produce faster, clearer responses in actual industry environments.
Terry Gerton Does this new capability shift the balance—giving an edge to offensive cyber operations by nation-states?
Justin Miller I believe that nation-states will always lean toward offensive strategies. Looking back, the U.S. established Cyber Command around 2010 because leaders recognized cyberspace as a fifth domain of warfare—joining land, sea, air, and space. This blurred traditional lines between defense and offense. One major challenge is that critical systems—like those in healthcare, transportation, utilities, finance, and telecommunications—are all interconnected through public and private networks. Defending this vast ecosystem requires cooperation across sectors. The creation of CISA in 2018 reflected another shift: recognizing that cyber threats aren’t just technical—they’re also about influence, like what we saw during the 2016 election interference. Today, cyber warfare includes information manipulation and social media tactics—such as Iran recently responding through official social media channels. So cyber is no longer just about breaking into systems—it’s about shaping narratives and influencing public opinion.
Cyber threats have grown rapidly. Now we’re dealing with zero-day attacks, machine-to-machine attacks, and even offensive influence campaigns, says Terry Gerton.
Terry Gerton Which organizations or activities do you consider most at risk from these kinds of offensive and influence campaigns?
Justin Miller Our transportation networks, utility companies, water systems, and telecom providers are especially vulnerable. And when we consider the three pillars—people, processes, and technology—I believe people play a truly strategic role. We need to pay close attention to these individuals, because it’s the late-night janitor or the overnight shift worker at a water treatment plant whose only responsibility is to sit and watch a screen for eight to ten hours while tracking network activity—those people are essential to how the process of securing the network operates. These workers hold crucial knowledge about our essential infrastructure—water, utilities, healthcare facilities. We need to ensure everyone is included in cybersecurity conversations. In my experience, many meetings are dominated by lawyers reviewing documents, while technical experts are rare. When examining cyber operations, I always requested to meet with physical security staff, janitors, and overnight workers to understand what they observe daily regarding system activity. The cybersecurity picture extends far beyond IT and cyber specialists—every employee in an organization contributes, whether they’re a janitor or a systems operator. Their daily observations about the company’s operations, from parking areas to cyber networks, provide valuable insights.
Terry Gerton Having served 25 years as a Secret Service Special Agent, what concerns you most about today’s cyber landscape?
Justin Miller What concerns me most is the possibility of a chain reaction involving multiple threat actors. When you look at the combination of China, Russia, Iran, and recently North Korea—over my 25-year career, I’ve handled cases connected to these nation-state actors. We know they’ve infiltrated our telecom infrastructure. Iran attempted to breach the Bowman Dam and is showing improved cyber capabilities. But the real danger is that cascading scenario where all four actors coordinate attacks simultaneously targeting us at once—that would be truly alarming.
Copyright
© 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
