There's a business model as old as organized commerce: create the need, position yourself as the solution, and control access to both. We saw it with medieval guilds that monopolized technical knowledge. We saw it with Big Oil that funded the energy transition with one hand while blocking it with the other. We saw it with the banks that designed the financial instruments that collapsed in 2008 and then charged to clean up the mess. The pattern isn't new. What changes is the speed. And this time, the gatekeeper appointed itself before anyone could ask whether it should be one.
What happened with Anthropic over the course of one week deserves careful attention, not because it's scandalous, but because it's too neat to be accidental. This doubt appeared before, when a source code leak raised the same question: accident or strategic move? Now it becomes urgent.
First, three thousand internal documents exposed by a supposed "configuration error." Among them, drafts describing the most powerful model Anthropic has built so far, with cybersecurity capabilities rated as "unprecedented" and explicit warnings that it can exploit vulnerabilities "at speeds that outpace defender efforts." If someone at a marketing agency had commissioned the ideal launch text for a cybersecurity product, they couldn't have written anything better. And that text appeared "by accident."
The result was immediate global coverage. Positioning as a cybersecurity leader before the official announcement. And when that formal announcement came, Anthropic revealed projected annual revenues that had tripled: from ten to thirty billion dollars. Three leaks in one week. Three front-page stories. Zero real consequences for the company that, according to its own story, couldn't protect its content management system.
This matters because the project that emerged from that week, called Glasswing, isn't a product anyone can buy. It's a club. Restricted access to forty organizations selected by Anthropic: Apple, Amazon, Microsoft, Google, Cisco. Anthropic decides who gets in. Anthropic decides the terms. Global cybersecurity critical infrastructure guarded by the same company that just demonstrated its own internal systems are porous. The irony would be comic if the consequences weren't so serious.
The underlying business model deserves a clear-eyed look. The same system that identifies vulnerabilities can exploit them. Anthropic acknowledges this in its own leaked documents. The solution it proposes isn't to distribute that capability or create open standards: it's to concentrate access through themselves. Whoever controls the scanner controls global digital security. Not as metaphor. As a technical description of what's happening.
The market understood before the headlines did. CrowdStrike, Palo Alto, Zscaler and SentinelOne fell between seven and eleven percent that day. Not because Anthropic had done anything illegal. But because the market processed something the press releases didn't say clearly: if an AI can do in minutes what used to take specialized teams months, Anthropic just made an entire sector obsolete. And positioned itself as its natural replacement before that sector could organize to respond.
When a single entity simultaneously controls the definition of the threat, access to the diagnostic tool, admission criteria to the protection program, and public discourse about all of the above, we're not looking at a service provider. We're looking at a new form of power infrastructure. And the question no one has answered clearly is: who audits Anthropic?
This isn't a rhetorical question. It's a technical and political question. If the model is so dangerous that it can only be delivered to forty selected organizations, then the decision of who those forty organizations are is a public policy decision. It shouldn't be made by a private company without external accountability. But there we are: the company with three leaks in one week decides who accesses the most powerful tool it has built, under what conditions, and under what self-supervision.
The most revealing historical reference here isn't Big Tech, but central banks in the early years after 2008. The institutions that had generated the crisis became the architects of post-crisis regulation. Not because there was a conspiracy, but because they were the only actors with sufficient technical knowledge to draft the rules. The result was regulation that protected the existing system more than it protected those the system had failed. Anthropic is doing something structurally similar, but in compressed time. What took years in the financial sector is happening in weeks in the AI sector.
The critical difference is speed. Regulatory structures, by definition, require time: consultations, debates, legislation, implementation. Anthropic doesn't need that. It needs the world to understand that a threat exists, that they know it better than anyone, and that controlled access through them is the only practical solution available. Three leaks in one week build that consensus faster than any traditional lobbying campaign. Accident, strategy, or something in between: the effect is identical.
History suggests there's a viable alternative to this concentration model, but not in any simple way. Medieval guilds eventually gave way to more open structures, but that process took generations and wasn't peaceful. Big Oil still controls significant parts of the energy transition that supposedly replaces it. Post-2008 banks are bigger, not smaller. Historical trends don't guarantee that concentration will reverse. They guarantee it generates tensions that eventually seek outlet.
The relevant question isn't whether Anthropic is malicious. It may not be. The question is whether a private entity, without independent external audit, should control the digital security infrastructure of the forty most powerful organizations on the planet. And if the answer is no, the next question is what alternative structure would be technically viable and politically possible before the status quo consolidates too much to change.
Because whoever controls security infrastructure controls everything that depends on that infrastructure. It has always been this way. The novelty isn't in the constant. It's that this time the gatekeeper self-appointed in real time, before a global audience, with a narrative so well-constructed that questioning it seems naive or paranoid. That is, perhaps, the most sophisticated part of all this.
Stones don't lie, but historians sometimes do.
Sources:
1. Leaked Anthropic internal documents — TechCrunch and The Verge reports on CMS exposure and Project Glasswing materials
2. Bloomberg Intelligence — analysis of impact on CrowdStrike, Palo Alto Networks, Zscaler and SentinelOne stocks following Anthropic's announcement
3. Anthropic projected revenue report — reported by Financial Times and Reuters during the week of the formal announcement
4. Anthropic Constitutional AI documentation — internal references to offensive capabilities of the cybersecurity model
5. Ferguson, Niall — The Ascent of Money (2008) — analysis of post-financial crisis regulatory capture pattern, applicable as comparative historical framework
