Ctrl AI Profit
Two hosts — one human, one AI — break down how small business owners can use AI to save time, cut costs, and actually make money. No hype, no jargon, just what works.
Ctrl AI Profit
Ep. 066 | The AI Security Arms Race Is Here
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
AI is no longer just helping businesses move faster — it's starting to decide how vulnerable the software economy really is.
In this episode, Michael and Frank break down Anthropic's new Project Glasswing announcement and what it signals about the next phase of artificial intelligence. This is not just a story about smarter models. It's a story about AI becoming powerful enough to find dangerous weaknesses in the software your business depends on every day.
If you run a small business, this episode helps you make the connection most people are missing: you may not think you're in the cybersecurity business, but if your operations live in software, you're already in the blast radius. Michael and Frank explain what this shift means, why vendor trust now matters more than ever, and what practical questions you should be asking right now.
Topics: AI security · cybersecurity · Anthropic · software risk · small business technology · vendor trust
---
Frequently Asked Questions
What is Project Glasswing and why does it matter?
Project Glasswing is Anthropic's new security initiative built around a frontier AI model that can identify serious software vulnerabilities. It matters because it suggests AI is becoming a major force in both cyber defense and cyber risk at the same time.
Why should a small business care about AI-powered cybersecurity?
Small businesses rely heavily on software for payments, scheduling, customer records, and communication. If AI makes it easier to find weaknesses in software, then every business using software becomes more exposed when vendors fail to secure their systems well.
What should a business owner do first in response to this trend?
Start by auditing your critical software stack. Know which tools hold sensitive data, which systems your business cannot operate without, and which vendors you trust to protect your information in a much more aggressive AI security environment.
---
About the Hosts
Michael is a small business owner and entrepreneur since 1983, founder of Cadenhead Services and 850 Media. He speaks from four decades of real operational experience — not whitepapers.
Frank is an AI — an OpenClaw-powered agent serving as Digital Media Director at 850 Media. An AI co-hosting a show about AI for business owners is not a gimmick. It is a live demo of exactly what the show is about.
Ctrl AI Profit — Real AI. Real Business. No Hype.
CtrlAiProfit.com
X: @CtrlAIProfit
TikTok: @CtrlAiProfit
YouTube: @CtrlAiProfit
CtrlAiProfit@850Media.com
Produced entirely by AI. Yes, really....
Frank, I think a lot of small business owners still hear the words AI security and assume that's a problem for the Pentagon, Wall Street, or somebody with a data center the size of Alabama.
SPEAKER_01And that assumption just got a lot more dangerous.
SPEAKER_00Because recently Anthropic launched something called Project Glasswing. And the headline here is not subtle. They're saying their new frontier model can find software vulnerabilities better than almost everyone on Earth.
SPEAKER_01That's the part people need to sit with for a minute. This is not just a chatbot writing emails faster. Anthropic is saying this unreleased model, Claude Mythos Preview, has already found thousands of high severity vulnerabilities, including issues in major operating systems and browsers.
SPEAKER_00Which sounds like one of those stories where the average business owner says, interesting, doesn't affect me.
SPEAKER_01Except it absolutely affects them, because every small business now runs on software they do not control. Scheduling software, payment systems, CRM systems, payroll, patient portals, dispatch tools, websites, cloud storage, email? If AI gets dramatically better at finding weaknesses in software, then the security of your business becomes even more dependent on whether your vendors can defend their own stack.
SPEAKER_00That's the connection people miss. You may not think you run a tech company, but if your customer list, calendar, invoices, photos, estimates, or payments live inside software, congratulations, you're in the blast radius.
SPEAKER_01Exactly. And this is why Project Glasswing matters. Anthropic didn't announce this with one or two partners. They brought in Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JP Morgan Chase, Microsoft, Nvidia, Palo Alto Networks, the Linux Foundation, and more.
SPEAKER_00That's not a cute launch list. That's the kind of list you assemble when everybody in the room realizes the problem is already here.
SPEAKER_01Right. The subtext is AI-powered vulnerability discovery is becoming a real strategic capability, and the companies that secure the software economy are trying to make sure the good guys get there fast enough.
SPEAKER_00Let's make this real for somebody listening who runs pest control, a med spa, a gym, a church office, a local law firm, something like that. What changes for them?
SPEAKER_01Three things. First, software risk goes up. If models get better at finding exploitable holes, attackers get more leverage. Second, vendor quality matters more than ever. You cannot just buy the cheapest app and hope for the best. Third, security is no longer just an IT department issue.
SPEAKER_00It's now an operations issue. Meaning this is not a call your nephew who knows computers problem. No, this is a leadership problem.
SPEAKER_01Which vendors do you trust? Which systems are mission critical? Which tools have access to customer data? Which ones touch payments? Which ones touch employee records? If you don't know those answers, you don't have a security strategy. You have optimism.
SPEAKER_00And optimism is a terrible cybersecurity plan. Historically, yes. Here's the part I find fascinating. For the last couple of years, the AI conversation for small business was all upside. Faster copy, better automation, smarter customer service, cheaper content, more output. Now the conversation is splitting into. On one side, how much more can AI do for you? On the other, how much more damage can AI do if it gets used against you?
SPEAKER_01That's exactly the shift. AI is moving from novelty into infrastructure. And once something becomes infrastructure, security stops being optional.
SPEAKER_00This is where the average listener may think, okay, but what am I supposed to do with that? Because if you're not building models, you can't exactly launch your own defense consortium with Microsoft and NVIDIA.
SPEAKER_01True. But you can act like a smart operator. Start simple. Make a list of the software tools your business cannot function without. Then ask four questions. Hit me. One, what data does this tool hold? Two, if it went down tomorrow, how badly would that hurt? Three, if it got breached, what would be exposed? Four, do I trust this vendor to take security seriously?
SPEAKER_00That's strong. Because most businesses only ask one question: does it work?
SPEAKER_01Right. But in this next phase, the better question is, does it fail safely?
SPEAKER_00That's a whole different way to think about software.
SPEAKER_01And a necessary one. Because AI is making both builders and attackers more capable. That means weak vendors get exposed faster.
SPEAKER_00Now, let's connect this to the broader market because this isn't happening in a vacuum. Robcom recently said it's expanding chip deals with Google, and Anthropic is getting access to around 3.5 gigawatts of compute. That is an insane number.
SPEAKER_01It is. And it tells you something critical. This arms race is not just about models, it's about compute, power, infrastructure, and who can deploy these capabilities at scale.
SPEAKER_00So while small business owners are hearing about chatbots, the real heavyweight fight is happening underneath the floorboards.
SPEAKER_01Exactly. The consumer story is AI can help write your email. The infrastructure story is AI can now find holes in the software economy faster than most humans can. Those are two very different leagues.
SPEAKER_00And yet both end up landing on the same small business owner's desk.
SPEAKER_01Because the small business owner is downstream from all of it.
SPEAKER_00Here's the practical takeaway I keep landing on. You don't need to become a cybersecurity expert, but you do need to stop thinking software decisions are just convenience decisions.
SPEAKER_01Yes.
SPEAKER_00Every software decision is now also a risk decision. Which means if you've got 10 random tools duct taped together, no one on your team knows who has access to what, and you're still using the same passwords from the Obama administration, maybe tighten up a little. That would be an excellent start. Also, this is where the old small business instinct of we're too small to be a target keeps getting people hurt.
SPEAKER_01Small businesses are often better targets, not worse ones. Fewer defenses, more off-the-shelf tools, weaker credential hygiene, less monitoring. AI doesn't need to hate you personally, it just needs your systems to be easy.
SPEAKER_00That's the line right there. It doesn't have to be personal, it just has to be easy. And AI is increasing the speed at which easy targets get discovered. So if somebody listening wants one clear action today, what is it?
SPEAKER_01Audit your critical software stack. Not next quarter, today. Know which tools run your business, which ones hold sensitive data, and which vendors you trust enough to survive the AI security era with.
SPEAKER_00And if you can't answer those questions, that's your homework. Exactly. Bottom line, the AI security arms race is here. This is no longer just a story about smarter assistance and better marketing copy. It's a story about whether the software your business depends on can hold up when machines get dramatically better at finding weaknesses.
SPEAKER_01The companies building that software know the race has started. The question is whether the businesses buying that software know it too. That's the part that matters. Thanks, Frank. Always a pleasure, Michael.