Critical Infrastructure Cybersecurity 2026: What the Glasswing Expansion Means for Power, Water, and Healthcare
On June 2, 2026, Project Glasswing expanded to 200+ organizations including power generation, water treatment, and healthcare. Here is what security leaders in these sectors need to know.

Retool's new app builder is where AI-generated code ships safely
Building apps with AI is easy. Getting them to production safely is another story.
Critical infrastructure has been warned about its cybersecurity vulnerabilities for decades. The warnings have been mostly theoretical: assessments of what sophisticated attackers could do, analyses of known CVEs in industrial control system software, and hypothetical attack scenarios developed for tabletop exercises. Project Glasswing's June 2, 2026 expansion to 200+ organizations, explicitly including power generation and distribution, water treatment and distribution, and healthcare systems, represents the first systematic AI-powered attempt to move from theoretical to measured. For security leaders in these sectors, the implications span immediate remediation priorities, regulatory obligations, and strategic investment decisions that cannot be deferred.
Why Critical Infrastructure Lags in Cybersecurity Posture
The cybersecurity gap in critical infrastructure is not primarily a resource gap or a knowledge gap. It is an operational constraint that enterprise security frameworks do not account for. Power plants, water treatment facilities, and hospital systems run operational technology that is fundamentally different from enterprise IT in ways that make standard security practices difficult or impossible to apply directly.
These systems prioritize availability above everything else. A hospital cannot take a life-critical monitoring system offline for a patch deployment without clinical risk management protocols that add weeks to the timeline. A water treatment plant cannot restart its SCADA control system in a maintenance window without coordinating with operators who are manually monitoring treatment chemistry during the downtime. The patch cadences that enterprise IT security teams treat as baseline hygiene are genuinely difficult in OT environments.
Legacy software compounds the problem. Industrial control systems have operational lifespans measured in decades. Software running a pump station today may have been installed in 2003, running on an operating system that is no longer vendor-supported, controlling hardware that cannot be replaced without a capital project. Patching is not always technically possible. Replacement is not always financially or operationally feasible on security timelines.
What the June 2 Glasswing Expansion Covered
Anthropic expanded Project Glasswing from its initial partner set to 200+ organizations on June 2, 2026, approximately six weeks after the program's April 2026 initial assessment phase. The expansion explicitly includes power generation and distribution systems, water treatment and distribution infrastructure, healthcare networks and medical device ecosystems, and broader critical infrastructure across additional sectors.
The expansion represents the first time a systematic AI-powered vulnerability discovery program has operated at scale across the critical infrastructure attack surface. Prior assessments of OT/ICS security have typically been conducted by specialized consultancies in focused engagements covering specific facilities or systems. Glasswing's breadth, covering 200+ organizations simultaneously with an AI that maintains continuous analysis rather than a time-limited engagement, produces a different kind of data.
As of the July 5, 2026 progress report, Anthropic has not publicly broken out findings by sector. The 10,000+ total high/critical severity findings across all Glasswing partners include findings from the critical infrastructure portion of the program, but sector-specific disclosure is being handled through CISA coordination rather than public reporting, consistent with the sensitivity of critical infrastructure vulnerability data.
Briefings like this, every morning before 9am.
Threat intel, active CVEs, and campaign alerts, distilled for practitioners. 50,000+ subscribers. No noise.
IT/OT Convergence: The Attack Surface That Grew Without a Security Model
The most significant change to critical infrastructure cybersecurity risk in the past decade is not a new vulnerability class or a new attacker capability. It is IT/OT convergence: the increasing connectivity between enterprise IT networks and operational technology control systems, driven by grid modernization, hospital network integration, industrial IoT, and remote monitoring requirements.
Legacy OT systems were designed for air-gapped environments where the security model was physical isolation: if the control network was not connected to anything external, attackers could not reach it remotely. IT/OT convergence has systematically eliminated that isolation. Grid modernization connects distribution automation systems to enterprise networks for operational visibility. Hospital networks integrate medical devices with electronic health record systems. Water utility SCADA systems are connected to corporate networks for remote monitoring and management.
Each of these connections is a rational operational decision that provides genuine value. But each connection also extends the enterprise IT attack surface into OT environments that were never designed to defend against network-based attacks. A vulnerability in a Windows-based historian server that sits between the corporate network and the plant network is not an enterprise IT problem. It is an OT safety problem.
Sector-Specific Risk Analysis: Power
Power generation and distribution is the most heavily regulated critical infrastructure sector from a cybersecurity standpoint, primarily through NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) standards. NERC CIP establishes mandatory security controls for bulk electric system assets, including requirements for asset inventory, electronic security perimeters, patch management, and incident reporting.
However, NERC CIP coverage has significant gaps. Distribution systems below the bulk electric system threshold are not subject to NERC CIP requirements, leaving the distribution infrastructure that connects transmission substations to end customers largely unregulated from a cybersecurity standpoint. Grid modernization (smart meters, distribution automation, advanced metering infrastructure) has expanded the distribution attack surface faster than regulatory frameworks have expanded to cover it.
Glasswing's assessment of power sector participants will be particularly significant for distribution infrastructure, which has received far less security investment than generation and transmission assets. The legacy SCADA and distribution management systems running distribution networks are software environments where a 17-year-old vulnerability like the FreeBSD NFS RCE (CVE-2026-4747) is not an outlier. It is representative.
Sector-Specific Risk Analysis: Water
Water and wastewater systems represent the highest overall cybersecurity risk exposure among critical infrastructure sectors, for three compounding reasons. First, the sector has no mandatory federal cybersecurity standards comparable to NERC CIP or HIPAA. The America's Water Infrastructure Act (AWIA) requires community water systems serving more than 3,300 people to conduct risk and resilience assessments, but the standard is assessment-oriented rather than control-prescriptive.
Second, the sector is highly fragmented. The United States has approximately 50,000 community water systems and 16,000 publicly owned wastewater treatment plants. The majority are small utilities serving fewer than 10,000 people with no dedicated IT staff and no security function. These utilities are running off-the-shelf SCADA software and industrial control equipment that they have no capacity to monitor for vulnerabilities, let alone patch on anything approaching an enterprise security timeline.
Third, the potential consequences of successful attacks on water infrastructure are direct and physical: contamination of treatment processes, disruption of distribution pressure, and in the most severe scenarios, delivery of contaminated water to public systems. The attack scenarios are not theoretical. High-profile incidents in Florida (Oldsmar, 2021) demonstrated that remote access to water treatment control systems is accessible to unsophisticated attackers.
Sector-Specific Risk Analysis: Healthcare
Healthcare cybersecurity operates under HIPAA's Security Rule, which requires covered entities to implement administrative, physical, and technical safeguards for electronic protected health information. HIPAA's security requirements are outcome-oriented rather than prescriptive, meaning that healthcare organizations have flexibility in how they implement controls but are accountable for the outcome.
The practical cybersecurity challenge in healthcare is not HIPAA compliance. It is the complexity of the healthcare IT environment, which combines enterprise IT infrastructure, connected medical devices, legacy clinical applications, and external network connections to payer systems, laboratory systems, and public health reporting infrastructure. Medical devices (infusion pumps, patient monitors, imaging systems) run embedded software that often cannot be patched on enterprise IT timelines due to FDA clearance requirements and clinical continuity constraints.
Ransomware has already demonstrated the patient safety consequences of healthcare network compromise: hospitals forced to divert emergency patients, delay surgeries, and revert to paper processes during system outages. The Glasswing expansion to healthcare networks applies Mythos to an environment where the impact chain from software vulnerability to patient harm is shorter than in any other critical infrastructure sector.
The Air-Gap Myth: Why Isolation Is No Longer a Security Model
A persistent assumption in OT security is that physically isolated control networks are protected from network-based attacks. The air-gap assumption justified decades of deferring network security investment in critical infrastructure: if the network is isolated, vulnerability management is less urgent, intrusion detection is unnecessary, and network access controls are academic.
The air-gap assumption was always weaker than it appeared. Industrial environments regularly introduce removable media (USB drives used for software updates and data transfer), vendor remote access connections (technicians accessing control systems for maintenance), and portable engineering workstations that move between corporate and OT networks. Each represents a potential bridge across the supposed air gap.
Grid modernization, hospital network integration, and industrial IoT have replaced the partial air gaps that existed in prior-generation OT environments with deliberate, permanent connectivity. The operational value of connectivity (remote monitoring, predictive maintenance, operational efficiency) is real, and operators are not going to sacrifice it for a security model that was already compromised before connectivity was formalized. The honest security posture is to treat OT networks as part of the enterprise attack surface, not as isolated environments with weaker security requirements.
Regulatory Context: What NERC CIP, HIPAA, and CISA Require
Security leaders in critical infrastructure sectors need to understand how the Glasswing expansion intersects with their existing regulatory obligations.
For electric utilities, NERC CIP requires patch management processes for bulk electric system assets that include tracking available patches, assessing applicability, and deploying patches within defined timelines (35 days for critical patches). A Glasswing finding in a NERC CIP-covered asset triggers these obligations once the finding is disclosed. Utilities should map Glasswing CVEs against their NERC CIP asset inventory immediately upon public disclosure.
For healthcare organizations, HIPAA's Security Rule requires a risk analysis that is current and comprehensive. A Glasswing finding affecting systems that store or process electronic protected health information is a material input to that risk analysis and may trigger breach notification obligations depending on whether the vulnerability has been exploited. Healthcare CISOs should ensure their risk analysis processes are updated to incorporate Glasswing findings.
For all critical infrastructure sectors, CISA's role as the national coordinator for critical infrastructure security means that CISA is the primary point of contact for sector-specific guidance on Glasswing findings. CISA's ICS-CERT advisories will be the primary channel for sector-specific mitigation guidance as findings move through public disclosure.
Defensive Priorities for Critical Infrastructure Security Leaders
The immediate defensive priorities for critical infrastructure security leaders in the post-Glasswing environment are sequenced by impact and feasibility.
First, asset inventory and software bill of materials: you cannot prioritize patching for software you do not know you are running. Many OT environments have poor visibility into the software components running on control systems, especially for embedded devices and third-party control system vendor software. The Glasswing CVEs (FreeBSD NFS, wolfSSL, FFmpeg, Linux kernel) are components that appear in OT systems as embedded or foundational software. Build a software inventory that captures these components.
Second, network segmentation audit: validate that your IT/OT network boundaries are enforced with technical controls, not just documented as policies. Segment networks such that a compromise of enterprise IT does not provide direct access to OT control systems without traversing a monitored, controlled boundary.
Third, patch prioritization for Glasswing CVEs: for the nine confirmed public CVEs, assess your exposure and develop a patch plan with timelines. Where patching is not immediately feasible due to OT operational constraints, document compensating controls and set a target timeline for patching in a planned maintenance window.
Sector-Specific Vulnerability Breakdown and Remediation Priorities: Mythos Brief
The sector-specific vulnerability breakdown and remediation priorities for power, water, and healthcare based on the Glasswing expansion findings are available in the Mythos Brief at decryptiondigest.com/mythos-brief.
Subscribe to unlock Remediation & Mitigation steps
Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.
The bottom line
Critical infrastructure has been told it is vulnerable for decades. Project Glasswing's June 2 expansion is the first systematic AI-powered program to actually measure that vulnerability at scale, across power, water, and healthcare sectors simultaneously. The 10,000+ findings across 200+ partner organizations are not a threat model. They are measured exposure. Security leaders in these sectors who treat this as a background risk to monitor are misreading the urgency. The Mythos Brief at decryptiondigest.com/mythos-brief provides the sector-specific vulnerability breakdown, remediation priorities, and regulatory compliance frameworks your team needs to move from threat awareness to verified remediation.
Frequently asked questions
Is the power grid at risk from AI-discovered vulnerabilities?
Yes, materially. Power generation and distribution systems run decades-old software on operational technology platforms that were not designed with modern security requirements in mind. The convergence of IT and OT networks in grid modernization projects has expanded the attack surface dramatically. The Glasswing expansion explicitly included power generation and distribution in its June 2026 scope. Sector-specific findings have not been publicly broken out, but the 10,000+ total findings across all partners include critical infrastructure components.
What did Glasswing find in healthcare systems?
Sector-specific findings from the healthcare portion of the Glasswing expansion have not been publicly broken out as of July 5, 2026. However, healthcare systems represent some of the highest-risk critical infrastructure from an OT/IT convergence perspective, with medical devices running embedded software, hospital networks connecting clinical systems to enterprise IT, and legacy applications that are difficult to patch due to clinical continuity requirements. The Mythos Brief at decryptiondigest.com/mythos-brief provides sector-specific analysis based on the publicly available Glasswing data and independent OT security research.
How does OT/ICS security differ from enterprise IT security?
Operational technology (OT) and industrial control systems (ICS) differ from enterprise IT in several critical ways: they prioritize availability over confidentiality (a hospital cannot take a ventilator controller offline to patch it), they run proprietary protocols (Modbus, DNP3, Profibus) that most enterprise security tools do not understand, they have multi-decade operational lifespans that leave them running software far past vendor support, and patches must be validated against complex physical system interactions before deployment. Standard enterprise patch management processes do not apply.
What does CISA say about AI vulnerability discovery?
CISA has not issued specific policy guidance on AI-generated vulnerability disclosures as of July 5, 2026. CISA's existing critical infrastructure security frameworks (including the National Cybersecurity Strategy's shift to mandatory reporting for critical infrastructure) apply to Glasswing findings that affect regulated sectors. CISA has communicated with Anthropic regarding critical infrastructure findings from the Glasswing expansion. CISA's ICS-CERT advisories are the primary channel for sector-specific mitigation guidance as findings move through public disclosure.
Which sector is most exposed?
Based on OT/ICS security research prior to Glasswing and the characteristics of the sectors included in the June 2026 expansion, water and wastewater systems represent the highest overall exposure. These systems frequently run decades-old SCADA software, have limited IT security staffing, and are subject to fewer regulatory security requirements than power (NERC CIP) or healthcare (HIPAA). The water sector also has a large number of small operators with no dedicated security function.
How should a critical infrastructure security team structure an asset inventory audit specifically to identify Glasswing-class vulnerability exposure in OT and embedded systems where standard scanner coverage fails?
Standard vulnerability scanners fail in OT environments for two reasons: they cannot safely probe devices with real-time control functions, and embedded software is often statically linked and not registered as a system package visible to apt or yum inventory queries. A Glasswing-class asset inventory audit for critical infrastructure requires passive network traffic analysis using OT-aware tools such as Claroty, Dragos, or Nozomi Networks to enumerate devices and their protocol communication patterns without active scanning. For embedded software components such as wolfSSL (CVE-2026-5194) and FFmpeg (Glasswing memory corruption), the audit must use binary software composition analysis -- tools like Binwalk for firmware extraction combined with Grype or Syft for library identification -- to detect statically linked library versions that do not appear in any package manifest. Vendor SBOMs should be requested for any commercial OT product procured in the past five years, and for legacy equipment without vendor-provided SBOMs, binary analysis of firmware images extracted from representative devices should be treated as a capital project priority. The audit output should be a per-device exposure matrix mapping confirmed library versions against the Glasswing CVE list, with compensating control assignments for devices where patching is not feasible within any near-term maintenance window.
Sources & references
- Anthropic Project Glasswing Announcement
- Anthropic 90-Day Glasswing Progress Report (July 5, 2026)
- CISA Critical Infrastructure Security
- NERC CIP Reliability Standards
- HHS Healthcare Cybersecurity
- ICS-CERT Advisories
Free resources
Critical CVE Reference Card 2025–2026
25 actively exploited vulnerabilities with CVSS scores, exploit status, and patch availability. Print it, pin it, share it with your SOC team.
Ransomware Incident Response Playbook
Step-by-step 24-hour IR checklist covering detection, containment, eradication, and recovery. Built for SOC teams, IR leads, and CISOs.
Get threat intel before your inbox does.
50,000+ security professionals read Decryption Digest for early warnings on zero-days, ransomware, and nation-state campaigns. Free, daily, no spam.
Unsubscribe anytime. We never sell your data.

Founder & Cybersecurity Evangelist, Decryption Digest
Cybersecurity professional with expertise in threat intelligence, vulnerability research, and enterprise security. Covers zero-days, ransomware, and nation-state operations for 50,000+ security professionals every morning.
Win a $2,495 Black Hat pass.
Full-access to Black Hat USA 2026 in Las Vegas. Subscribe free to enter.
