Getting access to Mythos and other advanced frontier models is high on the government's priority, and while talks and processes for the same are on, alternate AI models are also being leveraged for now to track and fix vulnerabilities, IT Secretary S Krishnan said on Monday.
Mythos - an advanced AI model developed by Anthropic - has been able to "lay bare" vulnerabilities that existed in the original code of widely-used software programmes but were often left unresolved because they were considered low priority, too costly to fix, or had simply gone undetected, he noted.
"What this gives is an opportunity now to actually identify many of these vulnerabilities and correct them. Clearly, getting access to Mythos and similar advanced frontier models is very high on the priority of the government, and this is something that we have taken up with our counterparts in the US and with the respective companies," Krishnan said.
There is a process involved, Krishnan said, adding, "We are negotiating that process; we are going through that right now." Even as the negotiations continue, the government has created a "sandbox" environment using alternative AI models with an estimated 60-70 per cent of the capabilities of the most advanced systems. The objective is to test code, identify vulnerabilities and develop secure workflows before access to more powerful models becomes available.
"You know what the stand of the US currently is...that there are export controls on products of this nature. What we are instead doing to prepare ourselves is that CERT-In themselves has a sort of a sandbox or a 'war room' where they have other models which they are using...which they believe at about 60 to 70 per cent of the capability of what Mythos can do," he said, adding that various elements of code are being probed, vulnerabilities are being identified and fixed.
The entire exercise is akin to a dry run, he explained.
"...So that we, in a sense, have done a dry run for whenever Mythos is available in order to do it in a secure environment, and at the same time making sure that at least a significant proportion of vulnerabilities have been identified and tackled even without access to Mythos," Krishnan said.
He stressed that for highly-sensitive codes, an on-premises deployment within India would be essential rather than relying entirely on cloud-based services hosted overseas.
"There is a risk, of course, and what the government is concerned is that we should have access to some of these tools, not on a cloud-based approach and sending it out...At least some most sensitive elements of code will have to be done 'on-premises' within the country," Krishnan said, adding that a balance will have to be struck

























