The AI arms race hits finance.

The CyberWire Daily episode explores the escalating AI arms race in finance, highlighting growing concerns from U.S. regulators like Treasury Secretary Scott Besant and Federal Reserve Chair Jay Powell about the systemic cybersecurity risks posed by advanced AI models such as Anthropic's Claude Mythos Preview. The episode underscores the dual-use nature of AI—its potential to both strengthen defenses and enable more sophisticated cyberattacks—while detailing real-world incidents including a massive alleged data breach from China's National Supercomputing Center, a prompt injection attack on Apple Intelligence, and a surge in payroll diversion scams targeting Canadian organizations. The segment also covers Google's accelerated shift to quantum-resistant encryption amid fears of imminent quantum threats, and a disturbing case of a Pennsylvania police corporal using AI to generate over 3,000 deepfakes from state databases. The episode concludes with a feature on Henry Comfort, CEO of Geordi AI, winner of the 2026 RSAC Innovation Sandbox, who discusses his company’s mission to provide visibility, risk management, and governance for agentic AI systems—drawing a parallel to the Geordie lamp used in coal mines to detect dangerous gases. The episode emphasizes that trust in digital systems must be earned through proactive security, especially as AI becomes embedded in critical infrastructure. Key takeaways include: 1) AI's dual-use nature demands proactive governance to prevent systemic risk in finance; 2) Organizations must adopt zero-trust principles and real-time observability to manage agentic AI operations; 3) Quantum threats may be arriving sooner than expected, requiring immediate migration to post-quantum cryptography; 4) Deepfake abuse is no longer just a privacy issue but a serious law enforcement and national security concern; 5) Cybersecurity must evolve beyond legacy models to include context-aware AI steering and mitigation; 6) Regulatory and technical responses are accelerating, from FCC proposals to combat robocalls to Google’s mobile encryption upgrades; 7) Innovation in cybersecurity is increasingly focused on managing AI-driven risk, not just defending against traditional threats; 8) Proactive security—like Geordi AI’s approach—can help organizations unlock AI’s benefits while minimizing exposure.