"People are using the tools to do the mundane part of their job" and compress "a two-week task ... down to three hours," Emil Michael told reporters at the Pentagon.
Emil Michael and the GenAI.mil rollout
Since December, the Department of Defense has deployed agentic tools on its GenAI.mil platform and, by Pentagon accounts, called the rollout a "tremendous success." Emil Michael, the defense undersecretary for research and engineering, said the platform recently added Google's Gemini and is pursuing additional models so the department is "not single-threaded on any one vendor." Michael framed the effort as an experiment in capability: different models are trained "in a somewhat different way on different data," and the department intends to "learn which ones are more capable on which dimensions."
Why Mythos matters — and why it's controversial
The Pentagon is testing Mythos, an agentic model produced by Anthropic, even though Anthropic has been "officially been labeled a national-security risk" and has sued the government over that designation. Michael described the department's posture toward Mythos as a "testing and evaluation period" and said Mythos is already being used by agencies and a "select group of large companies" to find vulnerabilities. He argued that the government must assess what such models can do not only to government systems but to private-sector targets — "for the rural hospitals, for the wastewater treatment plants" — so those vulnerabilities can be patched before adversaries gain the same capabilities.
Jackson Reed: criminal groups will mimic state actors
Jackson Reed, founder of AI startup Barding Defense, warned that agentic tools will reshape how threat groups operate. "We're going to see criminal groups look a lot more like state actors," Reed said. Where many cybercriminals today seek quick payoffs such as stealing data or deploying ransomware, Reed said the new pattern will include longer-term operations: remaining undetected in a network to spy, move laterally, or manipulate data. He said the shift will generate "entire new taxonomies of attack (like the industrialized insider trading example, or industry-wide ransomware deployments)" and will "pose risks to society and raise questions about the feasibility of current constitutional approaches," a claim he made in a followup email.
Limits of agentic models: Opus 4.6 and lateral movement
Michael and other Pentagon officials emphasize agentic models' ability to find and patch vulnerabilities automatically, but Reed cautions that those same models have blind spots. He cited Anthropic's Opus 4.6 — described in the reporting as a model for coding and reasoning that can find and fix software vulnerabilities — and noted it still "misses things like lateral movement." Reed is collaborating with Breakpoint Labs, a cybersecurity company that works with the U.S. military, to build a new agent platform aimed at finding the kinds of attacks that current agentic defenses enable but do not detect.
What this means for technologists, policymakers, and rural operators
- Technologists and security teams: The Pentagon's multi-model testing approach — adding Gemini and evaluating Mythos — signals an emphasis on comparative evaluation across vendor models. Teams should watch which models perform better "on which dimensions" and where agentic systems leave gaps, especially for attack behaviors like lateral movement that some models reportedly miss.
- Policymakers and federal agencies: The government is balancing access to powerful tools with concern about vendor risk. Michael's description of a "testing and evaluation period" with a company labeled a national-security risk underscores that agencies may permit selected access to controversial models while officials assess those models' impacts across sectors.
- Rural hospitals and wastewater treatment plants: These specific targets were named by Michael as places the government wants to "patch ... before adversaries get the same ability." Their inclusion in Pentagon remarks highlights how the rollout is being framed not only as a defense for military networks but as a potential national resilience effort for critical civilian infrastructure.
The record in this reporting is straightforward: the Pentagon says agentic AI is already accelerating routine work and is being tested to find and fix vulnerabilities, even when those models come from companies the government has flagged as risky. At the same time, experts like Jackson Reed warn that the same technology will enable criminal behavior that looks more like statecraft — stealthy, persistent, and destructive in new ways. The department's immediate task, as Emil Michael framed it, is operational: learn the strengths of different models and patch vulnerable systems, from federal infrastructure to rural hospitals and wastewater plants, "before adversaries get the same ability."
