Overview
- OpenAI has supplied its GPT-5.5‑Cyber model to the Japanese government and select partners, with verified access running to major banks under a Trusted Access for Cyber program.
- Anthropic’s Claude Mythos is also being provisioned to the same megabanks for defensive use after demonstrating the ability to autonomously identify zero‑day vulnerabilities.
- Japan formed a 36‑member public‑private working group chaired by Mizuho’s CISO to coordinate deployments, craft responsible‑disclosure processes, and oversee identity‑based access controls.
- Regulators warn these tools are dual‑use because the same automated exploit‑finding that helps defenders can be used by attackers, raising urgency for tight vetting and narrow distribution.
- Concentrating advanced cyber models at a few large banks could leave smaller firms exposed and increase systemic risk, so international testing, patching plans, and wider access strategies remain key next steps.