Perspective, May 12, 2025

What $2.3 Trillion Taught Me About Securing What You Cannot Afford to Lose

In the summer of 2001, two pieces of malicious code produced what the security industry had not seen before: a reckoning at scale. Code Red infected roughly 360,000 machines in under 14 hours. Nimda arrived weeks later and was more sophisticated still, spreading simultaneously through email, open network shares, web browsing, and IIS vulnerabilities. Together they did not just cause incidents. They exposed an entire generation of architectural assumptions as wrong.

At the time I was responsible for information security across First Data Corporation's global operations, which included Western Union, TeleCheck, and international payment processing divisions that collectively processed more than $2.3 trillion in annual transactions across more than 15,000 remote locations worldwide. When Code Red and Nimda arrived, the question was never whether the environment had exposure. Every environment connected to a network had exposure. The question was what had already been built, before the threat emerged, that could contain the damage and protect the financial infrastructure running underneath.

That distinction between what you built before and what you reach for after would stay with me for the next two and a half decades. It is why what is happening right now with Project Glasswing feels less like a surprise and more like a confirmation of something the security industry has understood, and repeatedly failed to act on, for a very long time.

From Problem to Infrastructure

What Code Red and Nimda ultimately produced was not just a wave of remediation. They produced a shift in how serious organizations thought about security architecture. The immediate response across the industry was predictable: patch the vulnerable systems, update the signatures, reinforce the perimeter. But the organizations that came through those years in the strongest position were the ones that used the disruption differently. They built security testing capabilities. They instrumented their environments. They stopped treating vulnerability assessment as a periodic event and started treating it as an operational function.

At First Data, the security testing laboratory we built for TeleCheck, the forensic capabilities we instrumented across the environment, and the continuous vulnerability assessment cadence we established were not responses to Code Red and Nimda. They were already being built. What the worms did was validate the direction and accelerate the investment. The $2.3 trillion in annual transactions flowing through that environment was not going to wait for security to catch up to threats. It required security to be ahead of them, by design and by discipline.

That is the lesson that kept not getting learned broadly. The industry would absorb a major disruption, build better defenses, and then gradually allow the same assumptions to creep back in: that the environment is understood, that the perimeter holds, that human review is sufficient to catch what matters. The cycle has repeated with remarkable consistency across Slammer, Conficker, Heartbleed, WannaCry, SolarWinds, Log4Shell, and a dozen other inflection points that each briefly rewrote the industry's assumptions before those assumptions quietly reconsolidated.

The Disruption Happening Now

Project Glasswing, launched by Anthropic on April 7, 2026, is something different in degree and potentially in kind. In its first month, Claude Mythos Preview, a frontier AI model restricted to a vetted coalition of approximately 50 organizations including AWS, Apple, Cisco, CrowdStrike, Google, Microsoft, and others, identified more than 10,000 high- and critical-severity vulnerabilities across systemically important software. Among the findings: a 27-year-old vulnerability in OpenBSD and a 16-year-old bug in FFmpeg, both of which had survived every prior round of human code review and automated testing across their entire lifetimes.

The scale is the point. Human security researchers operating at their best, supported by the most sophisticated automated tooling available, produced a steady cadence of vulnerability discovery measured in individual findings per researcher per month. Claude Mythos Preview is producing findings at a rate that has overwhelmed the security teams receiving them. The bottleneck has shifted. The problem is no longer finding vulnerabilities. The problem is verifying, disclosing, and patching them faster than the findings accumulate.

For anyone who spent time governing security across environments processing $2.3 trillion annually, that shift in bottleneck is immediately recognizable. It is the same structural problem that appeared after Code Red and Nimda, when the issue stopped being whether organizations could detect threats and started being whether they had built the operational infrastructure to respond to them at the speed required. The detection capability had outrun the response capability. That gap is exactly what Glasswing is now producing at a much larger scale.

What This Means for Federal and Commercial Environments

The government response to Glasswing is still forming, but the trajectory is clear. The EU AI Act, which took full effect in August 2025, already classifies AI systems with autonomous cyber capabilities as high risk requiring pre-market conformity assessments. Mythos's demonstrated capabilities would trigger the Act's most restrictive provisions. On the domestic side, NIST published a preliminary draft of its Cybersecurity Framework Profile for Artificial Intelligence in late 2025, and legislative action on AI safety has been accelerating. The organizations that will navigate this environment well are the ones building governance frameworks now, not waiting for regulatory requirements to crystallize.

For federal environments specifically, the implications run deeper. Systems and codebases that have been through multiple RMF authorization cycles, that carry ATOs based on point-in-time assessments, that rely on human code review as a primary quality gate, are exactly the category of environment where Glasswing-scale vulnerability discovery is most consequential. A 27-year-old vulnerability in OpenBSD is not a theoretical concern for agencies running on legacy infrastructure. It is an operational reality, and the pace at which AI-driven discovery can surface these findings is already faster than traditional authorization and patching processes are designed to handle.

The organizations responding well to this are doing what the best organizations did in 2001. They are treating the disruption as a signal to invest in operational infrastructure, not just in tools. Continuous ATO processes, automated evidence collection, telemetry-driven controls validation, and AI-assisted patch prioritization are not future-state aspirations. They are the operational prerequisites for functioning effectively in an environment where the vulnerability discovery rate has increased by an order of magnitude.

A Positive Reading of the Disruption

The framing that matters most here is the one that tends to get lost in the urgency of the findings: Glasswing is a defensive initiative. Anthropic's decision to restrict Claude Mythos Preview to a vetted coalition rather than release it broadly, to commit $100 million in usage credits to the effort, and to build coordinated disclosure protocols into the program from the start reflects exactly the kind of institutional responsibility that the security industry has been asking AI developers to demonstrate. The fact that a 27-year-old vulnerability in OpenBSD was found and is now being patched is not a cause for alarm. It is a cause for measured optimism, paired with serious operational discipline about what comes next.

The parallel to 2001 holds here too. Code Red and Nimda were damaging. They were also, ultimately, productive. They forced a generation of security practitioners to build better things. The organizations that came through that period with the strongest security postures were the ones that treated the reckoning as an opportunity to build infrastructure they should have been building anyway.

What Glasswing is producing is a similar reckoning, at a much larger scale and with much more capable tools on both sides of the equation. The $2.3 trillion in daily transaction flow that shaped how I thought about security architecture taught me one thing above all: the cost of underestimating the operational requirements of a threat environment is never hypothetical. It surfaces at the worst possible moment, at a scale that leaves recovery as the only available option.

The organizations that treat this moment as an engineering problem rather than a compliance problem, that invest in the operational infrastructure to absorb AI-driven discovery at scale, and that build governance frameworks capable of handling what is coming next will be in a fundamentally different position than those that wait. That has always been true. The timeline just got shorter.

John Rector


© 2026 John Rector. All rights reserved. Unauthorized reproduction or distribution of this material without express written permission is prohibited.