US officials consider 3 day patch rule amid AI advances
US officials are thinking about giving civilian government agencies and government IT systems only three days to patch actively exploited critical flaws, instead of the usual weeks.
This push comes as new AI models like Anthropic's Mythos and OpenAI's GPT-5.4-Cyber can now spot and exploit software weaknesses super fast, making quick fixes more important than ever.
Nitin Natarajan warns agencies, banks strained
If this rule goes through, both government agencies and industries (especially banks) will need to step up their game.
But experts warn it won't be easy: Nitin Natarajan, former deputy director of CISA under President Joe Biden, points out that while fast action is crucial against AI-powered threats, actually rolling out fixes in just three days could be a big challenge when teams are already stretched thin.