3 min read
Does Your MSP Have a Plan If You Get Hacked?
It's 2 p.m. on a Wednesday. One of your employees flags you down because her screen looks wrong. Files are missing. A ransom note has appeared. Your...
Your cybersecurity plan may have made sense a few months ago. The pace of artificial intelligence is changing that.
AI tools are getting better at writing code, finding software flaws, answering technical questions, and helping people do complex tasks faster. Those same strengths can help both cyber defenders and attackers.
That was the concern behind Anthropic’s Mythos AI model when we covered it earlier this year. Mythos showed that AI could help find software flaws at a speed that used to require more time, skill, and manual effort.
Since then, a lot has happened. Anthropic launched Fable, a broader Mythos-class model. The U.S. government temporarily pushed Anthropic to restrict access to Fable and Mythos. Access later returned with additional safeguards. Chinese firms also began promoting rival tools with similar vulnerability-finding goals.
For small and mid-sized businesses, here's the point: cyber risk is getting faster. Your defenses need to keep up.
I'll even put it in a graphic:
In June 2026, Anthropic launched Claude Fable 5, which it described as a “Mythos-class” model made safe for general use. Anthropic said Fable was its most capable broadly released model and showed strong performance in software engineering, research, analysis, vision, and other complex work.
Anthropic also launched Claude Mythos 5 for a smaller group of cyberdefenders and infrastructure providers. Mythos 5 uses the same underlying model as Fable 5, but with some cybersecurity safeguards lifted for trusted users.
A few days later, the U.S. government directed Anthropic to suspend access to Fable 5 and Mythos 5 for foreign nationals. Anthropic said it could not verify nationality in real time, so it disabled both models for all customers.
By July 1, access had returned. Anthropic said it had implemented additional safeguards and would keep working with government and industry partners on standards for evaluating and fixing jailbreaks, which are methods used to bypass an AI model’s safety controls.
Then China entered the story more directly. Reuters reported that Chinese cybersecurity firm 360 Security Technology claimed it had developed a domestic answer to Mythos, including a tool designed to automatically discover software vulnerabilities.
In a matter of weeks, Mythos-class capability moved from limited release, to broader availability, to government intervention, to global competition.
This is no longer a single company’s product update. It is part of a larger shift in how AI will affect cyber offense, defense, policy, and business risk.
A 40-person manufacturer, logistics company, medical practice, or professional services firm probably will not be the first target for the most advanced AI cyber tools.
The bigger concern is scale.
AI can make common attacks easier to produce and easier to repeat. A phishing email can sound more natural. A fake vendor request can look more believable. A scan for exposed systems can move faster. A software flaw can become useful to an attacker sooner.
That matters for businesses with lean teams.
Many small and mid-sized businesses we talk to have one internal IT person, a basic managed service provider, or a set of tools added over time. Some have email security. Some have endpoint protection. Some have backups, some even cyber insurance.
The risk lives in the execution: Who is watching alerts after hours? Who confirms patches were applied? Who knows which employees have access to which systems? Who checks whether backups can actually restore the business? Who decides which AI tools employees can use?
Those questions matter more and more as attackers move faster.
AI hasn't changed the fact that cyber risk often show up through all the familiar weak spots: logins, email, exposed systems, poor access controls, unmonitored tools, and unclear policies.
You need a cybersecurity program that can respond to a faster threat environment. Start with the controls that reduce the most risk:
AI-assisted vulnerability discovery shortens the time between “a flaw exists” and “someone may try to use it.”
That puts more pressure on patching, especially for systems connected to the internet. For many businesses, that includes things like firewalls, remote access tools, virtual private networks, servers, cloud systems, and line-of-business software.
A virtual private network, or VPN, lets remote users connect into company systems. If that doorway has a known flaw, attackers will look for it. The same is true for other remote access tools and internet-facing systems.
A practical patching process should answer a several basic questions:
Patching will never be perfect but it needs to be owned, tracked, and prioritized.
Many attacks still begin with a login.
That makes identity one of the most important parts of your security posture. Identity means the systems and rules that control who can access your email, files, applications, devices, and admin tools.
At minimum, key systems should require multi-factor authentication (MFA). MFA asks for a second proof of identity beyond a password: a mobile prompt, hardware key, or authentication code.
Your business should also use a secure password manager, role-based access, and a clean offboarding process when someone leaves.
Role-based access means people get access based on their job, not convenience. Your accounting team needs different access than your sales team. A plant manager needs different access than a part-time contractor.
When access is too open, one stolen login can quickly create a much larger problem.
Fast attacks create a coverage problem.
A security alert at 2:00 a.m. on Saturday still needs attention. Waiting until Monday can turn a small incident into a full-on business disruption.
Continuous monitoring helps connect activity across endpoints, email, identity, network, and cloud tools. An endpoint is a device such as a laptop, desktop, or server; endpoint protection watches for suspicious behavior on those devices.
Monitoring works best when someone can review alerts and act quickly. That may mean isolating a device, disabling a login, blocking a suspicious connection, or escalating to an incident response plan.
This is where many small businesses outgrow basic IT support. Help desk support and cybersecurity monitoring solve different problems. Both matter, but they do not replace each other.
Employees are already using AI tools. Some use them to write emails, others to summarize documents or troubleshoot software. Some may be pasting sensitive information into tools without realizing the risk.
Your business needs a simple AI use policy. Start with plain questions:
AI can help productivity. It can also create shadow systems where business data moves outside your visibility. A short, clear policy helps employees use AI without guessing.

If you lead a small or mid-sized business, start with a simple review. Ask:
Unclear answers point to real risk.
That risk usually grows when IT and cybersecurity are fragmented. One vendor manages backups. Another manages devices. Someone else handles phones. A separate tool handles email security. AI usage may sit outside IT entirely. When something goes wrong, fragmented support slows everything down.
The best response to AI-driven cyber risk is a more connected foundation: clear access controls, current systems, continuous monitoring, tested recovery, and practical rules employees can follow.
AI will keep changing. Your business does not need to react to every headline. It does need a security posture that can handle faster attacks and fewer warning signs.
If you are unsure where your current setup stands, let’s have a 15-minute Insight Session. No pitch, no obligation. We can talk through what has changed, where your business may have exposure, and whether a deeper review makes sense.
3 min read
It's 2 p.m. on a Wednesday. One of your employees flags you down because her screen looks wrong. Files are missing. A ransom note has appeared. Your...
4 min read
One of your employees is wrapping up a project from home when they get a message that looks like it's from a vendor: urgent invoice, needs a quick...
4 min read
You've probably noticed the cybersecurity headlines getting louder this spring. One announcement in early April 2026 stood out enough that it pulled...