Malik Haidar has spent decades navigating the high-stakes world of multinational cybersecurity, bridging the gap between complex threat intelligence and the strategic needs of global corporations. As a seasoned expert in identifying and neutralizing hackers, he possesses a rare perspective on how emerging technologies can serve as both a shield and a sword in digital warfare. Today, we sit down with Malik to discuss the growing tension between government regulation and technological innovation, specifically focusing on the recent U.S. restrictions placed on Anthropic’s most advanced artificial intelligence models. Our conversation delves into the controversial export controls on Mythos 5 and Fable 5, the collective pushback from over 50 industry leaders, and the potential risks of leaving cyber defenders without their most powerful tools while global adversaries continue to advance.
How do you interpret the US government’s decision on June 12th to suddenly restrict access to Anthropic’s newest frontier models?
The directive issued on June 12 felt like a sudden, jarring shock to the entire tech ecosystem, effectively freezing access to Mythos 5 and Fable 5 for any foreign national. This move forced Anthropic to suspend these models for all customers to stay compliant, which felt incredibly abrupt to those of us relying on the latest tech for defense. The government cited “national security concerns,” seemingly triggered by research that claimed to bypass the guardrails on Fable 5. It is a classic case of federal caution colliding with the fast-paced reality of the private sector, and it has left many of my colleagues feeling like the rug was pulled out from under them. While I understand the fear of these models being misused, the way this was handled created more confusion than security in the immediate aftermath.
Anthropic mentioned that the vulnerabilities identified weren’t unique to their models—why then do you think the government took such a hardline stance specifically against Fable 5 and Mythos 5?
It is a bit of a head-scratcher because Anthropic was very clear that the “minor vulnerabilities” discovered were things that other models, even older or publicly available ones, could already find. The government seems to have been spooked by a specific demonstration of a jailbreak technique, even though no “universal jailbreak” actually exists for Fable 5. In their eyes, the risk of a frontier model being used to weaponize exploits outweighs the benefits of open access, but they are ignoring the fact that models like OpenAI’s GPT-5.5 or China’s Kimi 2.7 already have similar capabilities. This specific crackdown feels targeted at Anthropic’s newest releases, perhaps because they were touted as being so advanced in the cybersecurity space. By locking them down, the authorities are trying to control a tide that has already reached the shore.
A group of 54 experts, including leaders from Zoom and Sophos, signed an open letter against this ban; what is the core of their argument from a defender’s perspective?
The core of that letter, which was sent to officials like Howard Lutnick and Sean Cairncross, is the idea that you cannot protect a house if you aren’t allowed to see where the locks are weak. These 54 signatories, including heavyweights like Alex Stamos and Joe Levy, argued that pulling these capabilities away from defenders is dangerous when our adversaries are moving full steam ahead. To find insecure code, you need a model that is actually good at identifying flaws, which is exactly what Mythos 5 was designed to do for the “good guys.” By restricting these tools, the government is creating massive market uncertainty and risking America’s leadership in AI without a truly unique risk to justify it. We are essentially being told to fight a high-tech war with outdated maps while the rest of the world has satellite imagery.
How can the government and the AI industry find a middle ground that ensures security without stifling the tools necessary for modern digital defense?
We need to move away from these “all-or-nothing” bans and toward a more transparent, scientific process for assessing risk, as William Wright from Closed Door Security suggested. Instead of causing logistical chaos with sudden directives, the government should work hand-in-hand with practitioners to create clear guiding principles for model safety. This would involve real-time collaboration where Anthropic can address specific bypass techniques while still keeping the models in the hands of legitimate security vendors. It’s about building resilience through partnership rather than trying to enforce silence through export controls. If we don’t establish a predictable framework, we’re just going to keep running into these roadblocks that stall our defensive progress.
What is your forecast for the future of frontier AI models in the cybersecurity sector?
I believe we are heading toward a tiered access system where frontier models like Mythos 5 are not banned, but rather “vetted” for specific industries and high-level defense roles. The pressure from the cybersecurity community will eventually force the government to realize that a blanket ban on the best tools is a gift to foreign adversaries who are already using their own models like Kimi 2.7. We will see more “defensive-only” versions of these LLMs with specialized guardrails that allow CISOs to scan code for vulnerabilities without the risk of the model being exported to hostile actors. Ultimately, the necessity of staying ahead of hackers will outweigh the current regulatory hesitation, but the road to getting there is going to be incredibly bumpy for the next few years.
