Regulators say OpenAI offered gated GPT-5.5 'Cyber' access while Anthropic took a different approach

OpenAI has offered limited access to GPT-5.5-Cyber to vetted defenders and regulators, while Anthropic has kept Mythos under tighter control, according to company statements, European Commission comments and Reuters reporting. The split has become more visible this week as Brussels said OpenAI had offered access to its cybersecurity features, while Anthropic had not made a comparable offer to the bloc. Reuters also reported on May 13 that Japan’s three largest banks are expected to gain access to Mythos in about two weeks, citing a person with direct knowledge. OpenAI said on May 7 that GPT-5.5-Cyber was being rolled out in “limited preview” to defenders responsible for securing critical infrastructure through its Trusted Access for Cyber program. The company said the framework is identity- and trust-based, lowers refusals for approved defensive work such as vulnerability identification and malware analysis, and continues to block requests tied to credential theft, stealth, persistence or exploitation of third-party systems. (openai.com) ### What exactly did OpenAI put on the table? The European Commission said on May 11 it welcomed an offer from OpenAI to provide access to its cybersecurity features. Reuters reported that Brussels had received the offer while Anthropic had not gone as far, citing Commission spokesperson Thomas Regnier. OpenAI said European partners, including businesses, governments, cyber authorities and EU institutions, would be granted access to GPT-5.5-Cyber in limited preview, according to CNBC’s account of the company announcement. (openai.com) The company’s own May 7 post described the model as aimed at specialized defensive workflows rather than broad public use. ### How is that different from Anthropic’s Mythos rollout? (money.usnews.com) Reuters reported on May 11 that the Commission had held four or five meetings with Anthropic, but no discussions on possible access to its AI models had taken place so far. That left Brussels publicly drawing a contrast between OpenAI’s offer and Anthropic’s position. (cnbc.com) Reuters then reported on May 13 that Anthropic was preparing to widen Mythos access in a narrower way, with Mitsubishi UFJ Financial Group, Mizuho Financial Group and Sumitomo Mitsui Financial Group expected to receive access in about two weeks, according to a person with direct knowledge. The three banks declined to comment, and Anthropic did not respond to Reuters’ request for comment. (money.usnews.com) ### Why are Japanese banks suddenly part of this story? Japan’s three megabanks entered the picture after regulators and policymakers raised concerns about what advanced cyber-capable AI models could do to legacy financial systems. Reuters said cybersecurity experts viewed Mythos as posing significant challenges to the banking industry and its older technology stacks. (money.usnews.com) Japanese Finance Minister Satsuki Katayama said on Tuesday, after meeting U.S. Treasury Secretary Scott Bessent, that Japan would establish a public-private working group this week to address cybersecurity risks to the Japanese financial system posed by Mythos. Reuters said the group’s first meeting would be held on Thursday. (money.usnews.com) ### What controls did OpenAI say it attached to GPT-5.5-Cyber? OpenAI said approved users in Trusted Access for Cyber receive expanded defensive capability only after vetting, and that safeguards still block malicious activity. The company also said individuals using its most permissive cyber models will be required to enable Advanced Account Security beginning June 1, 2026. The company said GPT-5.5 with Trusted Access for Cyber remains its “strongest broadly useful model” for legitimate defensive work for most teams, while GPT-5.5-Cyber is reserved for more specialized workflows. (money.usnews.com) That language points to a tiered access structure rather than a general release. ### What happens next, and who gets access first? Thursday’s working-group meeting in Japan is the next public milestone in the banking response to Mythos, according to Reuters. (openai.com) The participants are expected to focus on risks to the Japanese financial system after Katayama’s announcement earlier this week. About two weeks from May 13 is the timeline Reuters gave for potential Mythos access by MUFG, Mizuho and SMFG. In Europe, the Commission said on May 11 that talks with OpenAI were advancing, while Anthropic had not yet offered comparable model access to the bloc. (money.usnews.com)