U.S. pushes AI security

U.S. banking regulators are pressing major lenders to harden their systems against artificial intelligence-driven cyberattacks after an urgent Washington meeting last week. (bloomberg.com) Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell gathered Wall Street executives at the Treasury Department on Tuesday, April 7, to discuss risks tied to Anthropic’s latest model, Mythos, according to Bloomberg. The report said the meeting was arranged on short notice and focused on precautions banks should take now. (bloomberg.com) Banks are worried about “agentic” artificial intelligence systems because they do more than answer questions: they can plan, take actions, and adapt with limited human supervision. Deloitte wrote in 2025 that these systems are already being considered for underwriting, treasury management, and fraud detection, even as banks face model, privacy, and control risks. (deloitte.com) The quantum part of the warning is older but getting more concrete. The National Institute of Standards and Technology finalized its first three post-quantum cryptography standards on August 13, 2024, and said administrators should begin transitioning “as soon as possible.” (nist.gov) Post-quantum cryptography is the replacement for today’s common encryption methods that a future quantum computer could break. The Cybersecurity and Infrastructure Security Agency says critical infrastructure relies on cryptography to protect the confidentiality and integrity of data in transit and storage, which is why migration planning has become a federal priority. (cisa.gov) The latest push follows President Donald Trump’s March 6, 2026 executive order on cybercrime and a broader cyber strategy released the same day. The White House order said the United States should “harden our financial and digital systems,” while legal analyses of the strategy said financial services were one of the sectors singled out for closer scrutiny. (whitehouse.gov, crowell.com) That framing helps explain why Powell joined the meeting. Bloomberg reported that his presence signaled concern about systemic risk, not just a technology dispute, and noted that every bank summoned was considered systemically important by top regulators. (bloomberg.com) What regulators appear to want now is less a ban than a faster timetable: inventory the systems that use vulnerable encryption, tighten controls around autonomous tools, and prepare for attacks that move at machine speed. The April 7 meeting suggests those conversations have shifted from research labs and security teams to the chief executives of the biggest U.S. banks. (nist.gov, bloomberg.com)