Key Points
Financial authorities do not typically convene emergency meetings over software releases. Yet that is precisely what followed the limited release of Anthropic’s AI model, Claude Mythos. Regulators and banks across the US, UK, South Korea, and Japan held urgent discussions on the potential cyber risks posed by the model.
Notably, the release of Mythos rattled more than just regulators — it also unnerved investors. Markets began to worry that AI-native firms like Anthropic, armed with models as capable as Mythos, could eventually render traditional cybersecurity vendors obsolete. So just how powerful is Mythos and is the concern justified?
What is Claude Mythos?
Mythos Preview, the limited internal release of Anthropic’s latest AI model, represents a step change in what AI can do in cybersecurity, particularly on the offensive side. The model can identify and exploit zero-day vulnerabilities — security flaws unknown to developers and therefore unpatched — across all major operating systems and web browsers. In some cases, it has uncovered vulnerabilities that are decades old and extremely difficult to detect, including a now-patched 27-year-old bug in OpenBSD — an operating system widely regarded for its security.
Mythos is also notable for its speed and sophistication. Exploits that would take skilled human hackers weeks to develop can be generated in a matter of hours. Even more concerning is its ability to chain together multiple low-severity vulnerabilities into a single critical exploit. In one demonstration, Mythos linked four separate vulnerabilities to bypass a browser’s security layers.
Importantly, Mythos is not alone in advancing these capabilities. Other frontier AI models, such as GPT-5.4-Cyber from OpenAI and Big Sleep from Google, are demonstrating similar potential—and more are likely to follow.
Recognising these risks, Anthropic has opted not to release Mythos publicly. Instead, it has launched Project Glasswing, a controlled partnership involving organisations such as Amazon, Microsoft, JPMorgan, Google, CrowdStrike, and Palo Alto Networks, granting access to help secure critical systems.
Mythos Is not an immediate threat to the cybersecurity sector
Some investors have interpreted Mythos not only as a threat to software security, but also to cybersecurity companies themselves. The concern is that AI-native firms like Anthropic could eventually replace traditional vendors given the capabilities of frontier models. However, we think this concern is overstated.
Firstly, there is a fundamental difference between finding vulnerabilities and preventing breaches. Mythos—at least in its current form— can uncover and exploit weaknesses in code, but it does not provide the end-to-end protection enterprises require. Effective cybersecurity requires real-time threat detection, rapid response, and system-wide integration. This is where established cybersecurity firms continue to provide value.
Secondly, large language models (LLMs) still exhibit high error rates, particularly in complex, real-world environments. Palo Alto CEO Nikesh Arora has noted that false positive rates for LLMs are around 30%. In cybersecurity, such error margins are unacceptable. An AI system that incorrectly flags benign activity could disrupt operations, while one that misses a genuine threat could result in a breach. Until reliability improves materially, AI models like Mythos are not viable replacements for established cybersecurity platforms.
Thirdly, Mythos is more likely to act as a catalyst for increased cybersecurity spending rather than reducing it. For years, boards have tolerated chronic underinvestment in security infrastructure. That dynamic is now shifting as frontier AI models significantly enhance the capabilities of malicious actors. Vulnerabilities that once went undetected for years can now be discovered and exploited almost instantly, compressing the time between discovery and attack. This materially increases the urgency of cybersecurity investment and strengthens board-level conviction to allocate greater budgets to mitigate what is increasingly a direct business risk. Bain & Company estimates that many large enterprises may need to increase cybersecurity spending by up to two times to defend against AI-enabled threats—far above the roughly 10% annual increases most companies are currently planning. In this sense, AI is not a substitute for cybersecurity solutions, but a powerful demand driver.
Longer-term disruption is possible, but platform leaders should prevail
That said, longer-term disruption cannot be ruled out. Certain segments of the cybersecurity industry could come under pressure. Vulnerability management firms such as Tenable, Qualys, and Rapid7, for example, focus heavily on identifying and prioritising vulnerabilities. If frontier AI models can perform these tasks faster and more effectively, parts of their value proposition may erode over time.
At the same time, AI-native players such as Anthropic and OpenAI could expand into adjacent security services, potentially competing more directly with legacy providers.
However, platform leaders are structurally well-positioned to withstand such disruptions. Firms such as Palo Alto Networks and CrowdStrike are not single-product vendors; they offer integrated platforms spanning endpoint, cloud, and identity security, among others. This breadth makes them inherently more resilient to disruption, as their value lies not in any single function, but in the coordination of multiple layers of defence. Importantly, both companies are not only embedding AI deeply into their offerings but are also partnering with Anthropic on Claude Mythos. This positions them at the forefront of the transition and helps ensure they remain leaders as the cybersecurity landscape continues to evolve.
Crucially, these companies also possess a critical advantage: data. Effective AI-driven cybersecurity depends on vast, high-quality datasets that capture how systems behave under both normal operations and malicious activity. These datasets have been accumulated over years of deployment and are extremely difficult to replicate. Any new entrant attempting to build a competing AI-powered defence system would face a significant data disadvantage, even if they have access to equally advanced models.
The cybersecurity sector is trading at a steep discount
Taken together, frontier AI does not displace cybersecurity incumbents but rather reshapes the competitive landscape. While certain segments of the industry could face disruption over time, we believe the near-term impact is more likely to be a broad acceleration in cybersecurity demand.
We expect rising enterprise cybersecurity spending to more than offset any earnings pressure on companies vulnerable to disruption from increasingly sophisticated AI models, supporting continued double-digit EPS growth for the Indxx Cybersecurity Index. As enterprises deploy more AI agents across their operations, they also introduce new vulnerabilities, including prompt injection attacks (where AI systems are tricked into performing unintended actions), unintentional data leakage, and overly permissive system access. At the same time, attackers are increasingly leveraging AI to discover and exploit vulnerabilities at greater speed and scale, compressing the response window for enterprises. Together, these dynamics are set to accelerate cybersecurity investment as organisations move to harden systems against both AI-enabled attacks and risks arising from their own AI deployments.
Against this backdrop, investors with a higher risk tolerance may consider platform leaders such as CrowdStrike Holdings and Palo Alto Networks. As mentioned, these firms offer multiple security functions through integrated platforms and are well positioned to embed AI across their product ecosystems, minimising disruption risk while also capturing greater market share.
More conservative investors, on the other hand, may prefer diversified exposure through an ETF such as the Global X Cybersecurity ETF (NASDAQ: BUG), which offers broad exposure to the sector’s structural growth potential while reducing company-specific risk. Within BUG, certain names such as Tenable, Qualys, and Rapid7 could face pressure over time as AI increasingly automates vulnerability discovery and prioritisation, though their combined weighting in the ETF remains relatively modest at around 8.5%.
Applying a fair P/E multiple of 35x to projected 2028 earnings for the IBUGT Index, we derive a target price of USD 57 for BUG, implying 96% upside from its closing price on 7 May 2026. Even under a more conservative valuation scenario using a 30x P/E multiple, the implied upside remains compelling at 68%. This reflects what we view as a deep valuation discount in cybersecurity stocks driven by concerns around AI disruption, which we believe is overstated given the sector’s ability to adapt and benefit from rising demand.
In many ways, frontier AI may do for cybersecurity what cloud computing once did: increase complexity, expand attack surfaces, and ultimately deepen enterprise dependence on large-scale security platforms.
Table 1: Projections for the Indxx Cybersecurity Index
|
IBUGT Index |
2025 |
2026E |
2027E |
2028E |
|
Earnings Per Share (EPS) |
78.4 |
86.5 |
99.0 |
114.6 |
|
Earnings Growth YoY |
17.8% |
10.3% |
14.5% |
15.7% |
|
PE Ratio (X) |
27.0 |
23.7 |
20.7 |
17.9 |
|
Target Price for Index (based on a fair PE of 35X) |
4,011 |
|||
|
Upside Potential |
95.8% |
|||
|
Target Price for ETF (USD) |
57 |
|||
|
Source: Bloomberg Finance L.P., iFAST estimates. Data as of 7 May 2026 |
||||
Figure 1: Share prices are driven by earnings growth in the long run
Declaration:
This research report was prepared with the assistance of artificial intelligence (AI) tools. iFAST Financial Pte Ltd does not rely exclusively on AI for content generation; the content of this report – including all investment theses, ratings, price targets and conclusions – has been independently reviewed and verified by the research analyst(s) to ensure accuracy and professional integrity.
For specific disclosure, at the time of publication of this report, IFPL (via its connected and associated entities) holds a NIL position in the abovementioned securities. The analyst who produced this report holds a position in Palo Alto Networks.
All materials and contents found in this site are strictly for general circulation and informational purposes only and should not be considered as an offer, or solicitation, to deal in any of the funds or products found/identified in this site. While iFAST Financial Pte Ltd ("IFPL") has tried to provide accurate and timely information, there may be inadvertent delays, omissions, technical or factual inaccuracies and typographical errors. Any opinion or estimate contained in this report is made on a general basis and neither IFPL nor any of its servants or agents have given any consideration to nor have they or any of them made any investigation of the investment objective, financial situation or particular need of any user or reader, any specific person or group of persons. You should consider carefully if the products you are going to purchase are suitable for your investment objective, investment experience, risk tolerance and other personal circumstances. If you are uncertain about the suitability of the investment product, please seek advice from a financial adviser, before making a decision to purchase the investment product. Past performance is not indicative of future performance. The value of the investment products and the income from them may fall as well as rise. Opinions expressed herein are subject to change without notice. In respect of any matters arising from, or in connection with the said research analyses or research reports, recipients of the report are to contact IFPL at 10 Collyer Quay, #26-01 Ocean Financial Centre Building, Singapore 049315, or by telephone at +65 6557 2853. Where the report contains research analyses or research reports from a foreign research house and if the recipient of such research analyses or research reports is not an accredited investor, expert investor, institutional investor or an ex-accredited investor, IFPL accepts legal responsibility for the contents of such analyses or reports to such persons only to the extent as required by law. Please note that only certain security(ies) herein are available to all investors, while the rest are only available for certain persons to invest in, such as Accredited Investors (as defined in the Securities and Futures Act) or one who invests at least S$200,000 (or its equivalent currency) per transaction. To qualify as an Accredited Investor, one needs to submit a declaration form and certain relevant supporting documents, according to iFAST’s prevailing policies and procedures.
Please read our full disclaimers on the website at ( https://secure.fundsupermart.com/fsmone/policies/328125/investment-account-terms-&-conditions).
iFAST Financial Pte Ltd (IFPL) (registered address: 10 Collyer Quay #26-01 Ocean Financial Centre Singapore 049315, Telephone: 6557 2000) holds the Financial Advisers Licence issued by the Monetary Authority of Singapore ('MAS') to conduct regulated activities of advising on securities, marketing of collective investment schemes and arranging of any contract of insurance in respect of life policies, other than a contract of reinsurance and the Capital Markets Services Licence issued by the MAS to conduct regulated activities of dealing in securities and providing custodial services for securities. While IFPL has made every effort to ensure the independence of the report's contents, IFPL's nature of business is such that IFPL and its connected and associated entities together with their respective directors, officers and staff may be involved in providing dealing or investment-related services in the abovementioned securities, and have taken or may take positions in the securities mentioned in this report, and may also act as the principal for any buy or sell trades.