Recently, the AI world was shaken by the news that the United States government had placed export controls on Anthropic’s new model, Fable (now restored). This restriction prevented anyone who was not a US citizen from accessing the model, even within the United States. Anthropic responded by taking the model offline. This development raises new questions for CEOs and CIOs. What are the security considerations around models you are deploying? How do you ensure business continuity if the models suddenly become unavailable? In short, how do you protect your business?

What Happened Here? What Are Fable and Mythos?

Fable and Mythos are the new model introductions from Anthropic. Mythos is an advanced, less-restrictive model available only to trusted organizations and Fable is its public-facing counterpart equipped with strict security guardrails.

However, after the immediate release of Fable, industry concerns caused the US government to impose export restrictions on Fable. At the time of this writing, access to Fable has been restored , while similar concerns are being worked through about OpenAI’s new model - GPT 5.6 .

The Business Implications

As business leaders, there are several notable implications of these developments.

  • This is not the end. It is likely only the beginning. It is worth noting that the security implications are not why these models were considered appealing. They are appealing because they are advanced, and they outperform past models in tasks important to businesses, such as code generation. But with the advances that provide business ROI gains, the new model advancements create new risks. This fact is likely here to stay, and only likely to get worse as models advance further.
  • Processes are not in place. While AI regulations are moving apace, with developments such as the EU AI Act , there is no consistent or well-structured process to evaluate new models for security hazards. As such, one can expect that one-off actions will continue to occur while the process attempts to catch up with the speed of technology development. Given how fast these model advancements are coming, such a catch-up is challenging at best.
  • Export controls are difficult to enforce. In today’s multinational environment, an export control for a general-purpose model is extremely difficult to enforce at a granular level. It means that one employee can access the model while another, possibly sitting next to them in the same office and perhaps more senior, cannot. The only practical choice companies will have is to remove the model for all employees unless they receive an organizational-level exemption. As was the case with Anthropic, it is also likely that the model’s creators may pull the model rather than push the burden of compliance to their users.
  • Combining the last two implications creates further complexity. The recent export control restriction was issued by the United States. Given the fragmented nature of AI regulations at present, one can imagine independent rules issued by different countries or territories, the tapestry of which will now need to be navigated by multinationals.

There are several steps an organization can take to, first limit risk and second to achieve maximum ROI in an AI space with such issues.

  • Ensure a multi-model strategy. While there is no well-established process, your business should be prepared to yank access to a model without business disruption. The easiest way to do this is to swap the model out for a previous version. Ensure that your IT teams understand the need for this and have put in place mechanisms to do this seamlessly.
  • Monitor the status of new models. As much as sticking to older models is a safe method, the new models do provide technological advances that can benefit your business ROI. Your business should make considered choices as to the potential benefits of model upgrades, while keeping in mind the instability that can occur when a new model is introduced. It is worth noting that security, while possibly the most serious, is not the only kind of disruption that a new model can create. Basic changes in behavior, even if benign from a security perspective, can still impact your business.
  • Ensure that responsibility for cross-organizational model governance is well defined within your organization. Such responsibility will include not just monitoring the immediate state of regulations but also understanding which parts of your business are impacted and how they should be managed.
  • Remember your non-negotiables. Ultimately, the goal of deploying AI is not to be absolutely state-of-the-art. It is to improve business ROI. When a new model arrives, it should be deployed if it is likely to help the bottom line, factoring in both benefits and business continuity risks.
  • Model adoption has become even more complex than it was in the past. The security dimension creates a new complexity for business continuity that IT teams and corporate strategy should take into account.
  • As companies race to become AI Native , keep in mind that the core benefits of AI and the non-negotiables (business ROI) have not changed. These should always be the focus.