UK Banks Gain Access to OpenAI's GPT-5.5 Amid Anthropic's Project Glasswing Exclusion
Several major UK banks, excluded from Anthropic's AI security initiative Project Glasswing, are being offered access to OpenAI's GPT-5.5 Cyber as an alternative.
Major UK financial institutions, including HSBC, Lloyds Banking Group, and Nationwide, are set to gain access to OpenAI's GPT-5.5 Cyber model. This development follows their exclusion from the latest expansion of Anthropic's Project Glasswing, an initiative designed to prepare critical infrastructure providers for the evolving threat landscape posed by advanced AI.
Project Glasswing, and its associated Mythos Preview model, aims to equip organizations with the knowledge and tools to defend against AI-driven cyber threats. However, despite a significant fourfold expansion of its partner network, only JPMorgan Chase was named among the financial institutions to receive access to Mythos Preview. This has led to concerns, particularly within the UK, that geopolitical considerations may be influencing Anthropic's access decisions, potentially leaving critical sectors more vulnerable.
NatWest and Santander are already engaged in testing OpenAI's GPT-5.5 Cyber through separate agreements, indicating a proactive approach by some UK banks to leverage AI for cybersecurity. The broader offer to nine UK banks suggests a concerted effort to provide alternatives to those overlooked by Anthropic's program. Andrew Bailey, Governor of the Bank of England, has publicly expressed frustration over the UK's exclusion from Glasswing, hinting at suspicions that US administrative processes are impacting Anthropic's partner selection.
Liam Salsi, director of architecture at Talion, suggested that the exclusion of UK banks from Project Glasswing might be politically motivated. He posits that the US government's desire to control access to advanced AI platforms could be a factor, aiming to prevent them from falling into the wrong hands. However, Salsi warns that such restrictions could inadvertently increase the exposure of some financial institutions to cyber threats, potentially widening windows of opportunity for attackers.
Salsi also noted that the competitive landscape among AI platforms is rapidly evolving, with new advanced models like GPT-5.5 emerging shortly after Mythos. This competition is expected to close security gaps and make advanced AI systems more accessible to a wider range of critical organizations. He cautioned, however, that an over-reliance on a single AI product across the global banking sector could introduce a single point of failure.
Anthropic has not officially commented on its selection criteria for Project Glasswing partners. Meanwhile, the initiative itself is expanding significantly, aiming to grow its membership from approximately 50 to 200 organizations globally. These new members, drawn from 15 countries, will join existing security firms, tech giants, government agencies, and open-source maintainers. While official names are withheld, reports suggest South Korea, along with companies like Samsung and SK Hynix, are among the new inductees.
Project Glasswing's Mythos Preview model is described by Anthropic as an expert bug hunter capable of finding vulnerabilities far more efficiently than humans. While some users, like Cloudflare's CISO, have praised its capabilities, others, including cURL's Daniel Stenberg and security expert Kevin Beaumont, have expressed skepticism, viewing it partly as a marketing exercise. Anthropic maintains that new partners must meet stringent security requirements and that successful attacks on their systems could have catastrophic global ramifications.
The timeline for public release of Anthropic's Mythos model remains undisclosed, leaving many in the cybersecurity community eager to understand when these advanced AI capabilities will be broadly available, and what implications this will have for the future of cybersecurity defense and offense.