From Jugaad To Juggernaut: Can India Build Sovereign AI After Mythos?

India’s Frontier AI Reality Check  

Anthropic’s Mythos, unveiled in April 2026, has demonstrated an unprecedented ability to uncover long-buried zero-day flaws and even generate working exploits with minimal human guidance. For India, a major AI market but not yet a strategic AI power, this episode has become a wake-up call about who truly controls access to frontier AI in moments of crisis.  

The New Cyber Threat Landscape: 

Mythos has shifted cybersecurity from slow, manual discovery to AI-accelerated vulnerability scanning and exploit creation, compressing the time between finding and weaponising flaws in critical software. Global access to the model is tightly gated through Anthropic’s Project Glasswing, yet no Indian public institution or major company was named among its initial high-trust partners. This underlines a hard truth: in frontier AI, jurisdiction, trust networks, and infrastructure strength matter more than market size when it comes to privileged access.  

Digital Sovereignty, Not Just Digital Adoption:

India’s economy now runs on digital public infrastructure such as UPI, Aadhaar and large cloud-based platforms, making systemic cyber risk a national security concern, not just an IT problem. Policymakers are reportedly pushing Anthropic to host powerful AI models on Indian soil or approved sovereign clouds to retain legal jurisdiction, visibility and control over sensitive data and critical workloads. Experts argue India needs a decade-long “sovereignty moonshot” to build domestic capacity across compute, data centres, secure clouds, testing labs and AI safety institutions, rather than relying on foreign infrastructure at the deepest layers of the tech stack.  

Banking And Critical Infrastructure On Alert:

Finance Minister Nirmala Sitharaman has warned that advanced AI systems like Mythos pose an “unprecedented” cyber risk to India’s banks, forcing the sector to prepare for machine-speed attacks on payment rails, customer data and core banking platforms. Regulators are pressing banks to strengthen IT defences, run AI-driven red-team simulations, coordinate in real time with CERT-In and treat financial cybersecurity more like a joint command function than a set of siloed compliance checklists. Similar concerns are emerging in telecom and other critical infrastructure, where operators have been asked to assess their readiness for AI-enabled cyber operations.  

Strategic Questions India Must Answer:

India now faces three strategic questions. First, in an AI security crisis, who gets priority access to high-risk but high-utility models, and on what terms? Second, does India have the infrastructure, energy, cloud capacity and institutional resilience to independently test, benchmark and safely deploy frontier AI systems at scale? Third, can India rapidly build trusted institutions - from an AI Safety Institute to stronger CERT-In capabilities - that can independently assess risks, coordinate remediation, and advise policymakers without over-reliance on foreign labs?  

Mythos Moment Insights:

• India must move from being a sophisticated AI consumer to a trusted stakeholder in frontier AI governance and safety.  
• Infrastructure sovereignty - compute, cloud, data, standards and testing capacity - is becoming as critical as traditional hard power.  
• Banks, telecoms and DPI operators need “defensive AI” tools that can hunt and fix vulnerabilities at machine speed.  
• Legal frameworks must evolve from punishing vulnerability discovery to incentivising rapid, AI-assisted remediation.  
• Trusted international alliances will still matter, but they must sit atop strong domestic capabilities, not substitute for them.  

Sources: The Hindu BusinessLine, Economic Times - Government & Banking, Business Today, Ajmal IAS Academy, LinkedIn opinion columns on Mythos and India’s AI sovereignty