Critical infrastructure operators have always lived with a hard truth: some of the systems that matter most are the hardest to patch.
In enterprise IT, the standard answer to a newly discovered vulnerability is often straightforward: patch it, reboot it, roll it back if needed, and move on. In critical infrastructure, that is rarely so simple. Operational Technology (OT) environments are built around availability, safety, reliability, and long asset lifecycles. Many systems run for decades. Some are vendor-constrained. Some require planned outages. Some cannot be patched quickly without risking disruption to production lines, power delivery, transportation operations, water systems, or other essential services.
NIST’s OT security guidance explicitly highlights OT’s unique performance, reliability, and safety requirements, and notes that many OT assets have long lifespans and include unsupported legacy components. That long-standing challenge is now colliding with a new one: the rise of highly capable AI models designed for cybersecurity tasks.
Anthropic’s recently announced Project Glasswing and Claude Mythos Preview signal a major change in the cyber landscape. Anthropic says Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser, and is being shared with selected organizations to help secure critical software before similar capabilities spread more broadly. Anthropic’s stated concern is blunt: as AI capabilities accelerate, the fallout for economies, public safety, and national security could be severe if defenders do not move fast enough.
For critical infrastructure, that is the real story. The biggest impact of AI-powered cyber attacks is not just that they can find more flaws. It is that they compress the time between vulnerability discovery and exploitation, while many OT and hybrid IT/OT environments still require slow, careful, operationally sensitive remediation. But there is a second change that may be even more important: once an initial breach occurs, contagion inside the environment can increasingly be automated. In the past, lateral movement and escalation often required sustained human guidance and could unfold over weeks or months. With AI, that timeline can compress to minutes or even seconds. That raises the importance of pre-established Zero Trust controls designed to block contagion by default and makes organizations less able to rely on human-driven mitigation after a breach has been discovered.
Why patching is different in critical infrastructure
OT security is governed by a different set of realities than enterprise IT.
According to NIST SP 800-82, OT security has to be implemented in ways that preserve safety and operational continuity. Changes often need to be tested offline or coordinated with vendors. Security updates may need to wait for planned maintenance windows. In some environments, even a reboot can be unacceptable. NIST also notes that OT systems often remain in operation for more than 20 years, and many include legacy hardware and software that may no longer be supported.
This is why patching can itself become an operational risk.
A rushed update that disrupts a manufacturing line, destabilizes an electric grid process, interrupts transportation control systems, or affects a safety-critical workflow can create consequences that rival the cyber risk the patch was meant to address. That is why OT operators often rely on staged validation, maintenance windows, vendor review, and compensating controls rather than immediate patch deployment. NIST’s guidance reflects exactly that reality.
CISA’s current guidance reinforces the same reality from another angle: in OT environments, some vulnerabilities cannot be remediated immediately, and some patches may introduce unacceptable availability or safety risk. In those cases, organizations should reduce exposure through compensating controls, while also removing direct internet exposure and hardening remote access. This guidance reflects a broader truth in critical infrastructure: exposed OT systems continue to face newly disclosed vulnerabilities and active exploitation.
What Mythos-class AI changes
AI models like Mythos Preview change the equation in three ways.
First, they increase the scale and speed of vulnerability discovery. Anthropic says these models can identify and help fix vulnerabilities across hardware and software at a pace and scale that was previously impossible.
Second, they increase pressure on defenders to act faster. If AI-assisted exploit development becomes widely available, the time defenders have to assess exposure, coordinate remediation, and deploy mitigations may shrink significantly. Anthropic’s own rollout strategy reflects this concern.
There is also a broader software supply chain reality that makes this challenge even harder. In both IT and OT environments, organizations rely extensively on open source code, commercial software, and embedded third-party components. Those dependencies are now so pervasive that it is unrealistic to assume every vulnerability can be remediated at the speed and scale AI-powered cyber models may uncover them, even for relatively patchable IT and cloud applications. As a result, the issue is no longer just faster vulnerability discovery. It is the growing gap between how quickly flaws can be found and how slowly complex software ecosystems can be fixed. That makes proactive threat defense and protection measures even more important, because organizations will need to operate securely even when vulnerable components remain present.
Third, they punish slow and brittle operating models. In sectors where patching is difficult, the answer cannot simply be “patch faster.” The more realistic answer is to reduce trust, reduce exposure, reduce blast radius, and make high-value systems harder to reach in the first place. That is where Zero Trust becomes essential.
A risk matrix for critical infrastructure in the AI era
Here is a practical way to frame the risk.
| Risk scenario | Why it matters more now | Operational reality | Risk level | Best response |
| Faster exploitation of newly discovered flaws | AI can accelerate vulnerability discovery and exploit development | OT teams may need days or weeks to test and schedule changes | High | Reduce exposure immediately, isolate critical assets, prioritize high-consequence systems |
| Long patch windows in OT | Time-to-exploit may shrink faster than time-to-patch | Planned outages, vendor dependencies, and safety review slow remediation | High | Use compensating controls, segment networks, enforce strong access controls |
| Legacy or unsupported systems | Older platforms are often easier targets and harder to fix | Some assets remain in service for 20+ years and may not be patchable | High | Protect with identity-based access, segmentation, monitoring, and tightly controlled connectivity |
| Third-party, embedded, and open source software exposure | AI can identify vulnerabilities across shared software dependencies at much greater scale | Organizations rely on embedded, open source, and vendor software they cannot fully remediate on demand | High | Use proactive protection, segmentation, identity-based access, monitoring, and containment controls |
| Operational disruption from patching | A defensive change can itself create outages | Poorly tested changes can disrupt factories, energy operations, or transportation workflows | High | Validate in stages, use maintenance windows, and design controls that minimize operational impact |
| Internet-exposed OT or remote access paths | AI-assisted attackers can quickly identify reachable targets | Many environments still carry legacy remote access or flat trust models | High | Remove direct exposure, require authenticated and least-privilege access, broker access through Zero Trust controls |
| IT-to-OT pivoting | Hybrid environments create new attack paths | Enterprise compromise can become operational compromise if boundaries are weak | High | Enforce identity-based access controls and segmentation across IT, OT, and third parties |
| Vendor remediation delays | Even identified vulnerabilities may not have immediate patches | Critical systems often depend on OEM validation and field support cycles | Medium-High | Build architecture that remains resilient even when vulnerabilities remain open |
The lesson is clear: in critical infrastructure, cyber resilience depends less on perfect patch velocity and more on the ability to operate safely and securely even when vulnerabilities remain unresolved — especially in environments built on complex open source and third-party software dependencies that cannot all be fixed at AI speed.
Why Zero Trust matters here
This is where many security strategies fail critical infrastructure operators. They assume a patch-first world. But critical infrastructure is often a protect-first world.
When systems are difficult to patch, the fastest way to reduce risk is to reduce implicit trust.
That means ensuring that users, devices, workloads, and remote sessions are continuously authenticated and authorized. It means limiting lateral movement. It means replacing broad network access with precise, identity-based access. It means making sure that contractors, operators, engineers, and third parties can only reach the systems they are explicitly allowed to reach, and nothing more.
This is especially important in mixed IT/OT environments, where the greatest risk often comes from a pivot: an attacker gains access through a remote connection, credential compromise, or enterprise foothold, and then moves into operational systems. In an AI-enabled threat model, that pivot may no longer unfold slowly enough for defenders to respond manually. Zero Trust is designed to break that chain in advance by limiting movement, constraining access, and containing contagion before it can spread across the environment.
What proactive action should look like
Critical infrastructure operators do not need more fear. They need practical action that matches operational reality. A proactive strategy should include:
1. Assume patching will be delayed
Build your security program around the fact that some vulnerabilities will remain open longer than anyone would like. Treat compensating controls as primary protections, not temporary workarounds.
2. Eliminate unnecessary trust paths
Reduce direct connectivity, especially into OT. Remove persistent remote access where possible. Make access explicit, identity-based, and time-bounded.
3. Protect without forcing disruption
Security controls must respect uptime and safety. NIST’s OT guidance is clear that changes must be operationally compatible. The right controls are the ones that strengthen protection without introducing instability.
4. Minimize blast radius
Even when a vulnerability exists, the damage it can cause should be constrained. Segmentation, least privilege, and tightly scoped access policies make that possible.
5. Secure third-party and remote operations
Remote engineers, support vendors, field teams, and partners often create the most sensitive access paths in critical environments. Those paths should be governed by Zero Trust principles rather than legacy VPN-style trust.
The opportunity ahead
The emergence of Mythos-class models should be seen as a warning, but also as a forcing function.
Critical infrastructure operators already know they cannot rely on patching alone. AI simply makes that reality harder to ignore. The organizations that adapt fastest will be the ones that move from perimeter-based assumptions to identity-based protection, from broad connectivity to controlled access, and from reactive patching to proactive resilience.
There is also a second-order issue emerging: AI systems themselves are becoming part of the attack surface. Internal AI components, models, data pipelines, and inference services may be targeted, manipulated, or compromised by AI-armed attackers. That makes Zero Trust relevant not only for protecting traditional IT, OT, and cloud assets, but also for safeguarding and governing the AI systems organizations increasingly depend on.
At Xage, we believe the answer is not to force critical infrastructure operators into disruptive rip-and-replace projects. It is to help them adopt Zero Trust protection quickly, in ways that align with operational requirements and reduce cyber risk without interrupting the systems the world depends on. Xage says its platform is designed to bring identity-based security across IT, OT, and cloud, and that organizations can begin enforcing Zero Trust security in days rather than through long, costly infrastructure replacement cycles.
