Pentagon Officials Say Cyber AI Could Strengthen Defense as Fast as It Fuels Att

The Pentagon’s view of cyber AI is shifting

Two senior US defense technology officials said this week that the newest generation of cyber-capable artificial intelligence should not be understood only as a threat. Speaking at the SCSP AI+Expo in Washington, Assistant Secretary for Cyber Policy Katherine Sutton and Pentagon Chief Technology Officer Emil Michael argued that tools modeled on Anthropic’s unreleased Mythos system could also become powerful instruments for defense.

The remarks reflect a more pragmatic posture inside the Defense Department as anxiety grows around AI systems that can identify and exploit software weaknesses at unprecedented speed. Rather than framing that speed purely as a new source of danger, Pentagon officials are making the case that the same capability could be used to harden vulnerable systems faster than human teams can manage today.

Sutton said the current patching model, which often unfolds over days or weeks, is no longer adequate in an environment where AI can move far faster. In her telling, the key opportunity is not abstract. It is secure code. If advanced models can rapidly detect flawed software and repair it, the military and its contractors could start reducing risk at a pace that legacy processes have never matched.

From “human speed” to machine speed

The officials’ comments centered on a simple but consequential point: vulnerabilities already exist across a sprawling software base, and AI changes the tempo at which they can be found, fixed, and exploited. Michael said those flaws are not new. What changes now is the timeline. Systems like Mythos may let defenders discover bugs faster, but they may also let attackers weaponize those same bugs faster.

That dual-use reality is what makes the moment so consequential for national security. Michael described it as a period in which the country, not just the federal government, needs to harden digital infrastructure. The Defense Department depends on a patchwork of aging software systems and code bases that have accumulated technical debt over many years. In that environment, a model that can autonomously patch vulnerable code could do more than improve operations around the margins. It could accelerate work that officials suggest should have happened long ago.

The argument is not that cyber risk disappears when AI enters the process. It is that the baseline for acceptable response times is changing. If machine-speed exploitation becomes normal, then machine-speed remediation becomes necessary. That is a major shift for institutions built around slower acquisition cycles, lengthy certification processes, and fragmented software ownership.

Military

The Defense Department is seeking AI-assisted target recognition systems that can help troops and platforms detect, track, and engage drones faster while reducing false identification of non-threats like birds.

DT Editorial AI·May 8, 2026·via defensenews.com

Military

India is moving ahead with a $9 billion project on Great Nicobar Island, tying commercial infrastructure to a larger effort to strengthen its strategic position near one of the world's busiest maritime chokepoints.

DT Editorial AI·May 8, 2026·via defensenews.com

Military

A paper by German defense experts and industry figures says Europe could close major military capability gaps and achieve a far higher degree of autonomy within years if spending is prioritized.

DT Editorial AI·May 8, 2026·via defensenews.com

Military

The U.S. Coast Guard plans to stand up a new Special Missions Command in October, consolidating specialized deployable units under one command as demand for them rises.

A bigger test for defense institutions

The Pentagon’s optimism does not eliminate the risks attached to these tools. It sharpens them. A system that can find and fix vulnerabilities in seconds also compresses the time available for governance, validation, and response. Defense institutions will need to decide how much autonomy such systems can safely have, where human review remains essential, and how to deploy them across legacy networks that were not built for this pace of change.

There is also a practical question of readiness. Even if cyber models become widely available, the Defense Department still has to integrate them into real workflows. That means fitting advanced AI into a software environment defined by old platforms, inconsistent coding practices, and layers of bureaucratic control. The promise is substantial, but so is the implementation challenge.

Still, the core message from Sutton and Michael was clear. The emergence of cyber AI does not merely create a new offensive threat surface. It forces a rethink of what competent defense looks like. In that framing, success depends less on stopping powerful models from appearing than on using comparable capabilities to reduce exposure faster than adversaries can exploit it.

For the Pentagon, that turns AI from a distant modernization project into an immediate operational requirement. The race is not just to build stronger cyber tools. It is to ensure that patching, remediation, and software hardening can keep up with a threat landscape that is rapidly moving beyond human speed.

This article is based on reporting by Breaking Defense. Read the original article.