The Order follows months of reported debate within the Trump Administration that pitted national security concerns about the capabilities of advanced models to dramatically accelerate cybersecurity threats against the desire to avoid a regulatory approach to AI safety reviews that could stifle innovation.
After several abrupt reversals of potential approaches that played out in public reports, the administration opted for an oversight model that falls short of a mandatory pre-deployment government approval regime but that nonetheless appears intended to promote a similar result through voluntary participation.
The Order arrived on the same day that Anthropic announced it is expanding the release of its Mythos model, which has demonstrated a notable ability to identify and exploit high-severity software vulnerabilities, from roughly 50 to 200 organizations. The initial release of Mythos in April, and OpenAI’s announcement of its own cyber-capable system, GPT-5.5-Cyber, highlighted the potential risk frontier AI systems pose to critical infrastructure and national security, effectively reshaping the administration’s approach to AI policy.
Frontier model pre-release review
Section 3 of the Order establishes the central initiative of the executive order: a framework for “Secure Frontier Model Deployment” that, while preserving developers’ freedom to release models, creates a structured process for early federal government access to frontier AI systems.
Within 60 days, the secretaries of the treasury, war (through the director of the National Security Agency (NSA)), and homeland security (through the director of the Cybersecurity and Infrastructure Security Agency (CISA))—in consultation with the national cyber director, the assistant to the president for science and technology, and the secretary of commerce through the director of the National Institute of Standards and Technology (NIST)— must design a voluntary framework through which developers may engage the Federal Government to submit a model for evaluation and, upon a model’s designation as a “covered frontier model,” provide the government with access to such model for up to 30 days before releasing it to other trusted partners.
Earlier drafts of the Order had reportedly set this government access window at 90 days; the revision to 30 days is the most significant change in the final version and reflects a compromise between the national security and anti-regulation factions in the administration.
The Order also provides that developers participating in the voluntary framework will be able to “collaborate with the Federal Government to select trusted partners that will have early access to covered frontier models to promote secure innovation and strengthen the cybersecurity of critical infrastructure.” This provision effectively establishes a federal government role in determining not only whether a model warrants special treatment for its cyber capabilities, but who gets early access to it and on what terms. The Order provides no criteria for trusted-partner selection.
To support the voluntary framework process, the same agencies must also develop a “classified benchmarking process” to assess the advanced cyber capabilities of AI models and set the threshold at which a model is designated a covered frontier model, with such determinations to be made by the director of NSA.
The Order specifically provides that nothing in Section 3 authorizes the creation of a mandatory governmental licensing, preclearance, or permitting requirement for the development, publication, release, or distribution of new AI models.
Creating an AI cybersecurity clearinghouse
Section 2 directs the secretary of the treasury—in consultation with the national cyber director, the director of NSA, and the director of CISA—within 30 days to form an “AI cybersecurity clearinghouse,” in voluntary collaboration with the AI industry and critical infrastructure operators, to coordinate and deconflict scanning for software vulnerabilities, validate vulnerabilities, and prioritize remediation and the distribution of vulnerability patches.
While the Order provides for a broad set of technology and critical infrastructure participants in the AI cybersecurity clearinghouse, the designation of Treasury as the lead agency is a notable structural choice that signals a key role for the financial services sector. With a number of other sector-specific cyber information sharing mechanisms already in place, policymakers and participants will have to grapple with how best to reconcile the new clearinghouse with existing sharing bodies and relationships.
Enforcement against criminal misuse of AI
Section 4 directs the attorney general to prioritize enforcement of 18 U.S.C. 1028 (fraud and related activity in connection with identification documents, authentication features, and information), 18 U.S.C. 1030 (the Computer Fraud and Abuse Act), 18 U.S.C. 1343 (wire fraud), and other applicable federal criminal laws against anyone who uses AI to illegally access or damage a computer without authorization, or who uses AI while engaged in such illegal access to further any other crime, including by employing AI agents to unlawfully access data or information subsequently used for a criminal or unlawful purpose.
These provisions do not confer new authorities or create new criminal liability; rather, they are a prosecutorial prioritization to channel enforcement resources toward AI-facilitated violations of existing criminal statutes.
Upgrading federal systems
Section 2 also directs a series of near‑term actions to harden federal systems against AI‑enabled threats. The Order includes general directions to harden government cyber defenses, including to the Committee on National Security Systems and the secretary of war. Within 30 days, the secretary of homeland security, acting through the director of CISA, must release Binding Operational Directives and other guidance to expedite the cyber defense of civilian federal systems, establish or expand AI‑enabled defensive tools, and facilitate access to cybersecurity tools and services—including, where appropriate, “covered frontier models”—for federal agencies, state and local authorities, and operators of critical infrastructure such as rural hospitals, community banks, and local utilities.
Additional provisions direct the Office of Management and Budget (OMB) to determine whether federal grant funding can be directed toward advanced AI vulnerability detection, and the Office of Personnel Management to expand United States Tech Force cybersecurity hiring and placement pathways.
Key takeaways for stakeholders
The Order signals a shift in the administration's approach to AI policy toward more active federal engagement on AI‑driven cyber risk. Companies developing or deploying frontier AI systems should closely monitor developments and rulemaking stemming from the Order in the coming months as the agencies responsible for implementation begin to define the contours of the voluntary framework, the classified benchmarking criteria, and the clearinghouse’s operational structure.
- Frontier model developers face a decision of whether to participate in the voluntary pre-release framework. Although the framework is expressly voluntary and disclaims any mandatory licensing or preclearance requirement, participation may prove closer to de facto in practice given the risks of national security scrutiny and reputational cost. Model developers should carefully consider the terms on which prerelease information sharing will occur, including what materials will be shared, who will receive them, and whether adequate protections for model weights, trade secrets, and other proprietary information will be in place.
- Critical infrastructure operators and other enterprise model deployers should monitor developments related to the secretary of the treasury’s AI cybersecurity clearinghouse to take advantage of shared vulnerability information. Additionally, the trusted-partner selection process should be monitored closely—companies in these sectors should consider engaging proactively with the agencies responsible for designing the voluntary framework to position themselves for trusted-partner designation.
The Order also leaves open significant questions. By delegating the definition of “covered frontier model” to a multi-agency classified process, the Order preserves flexibility but creates near-term ambiguity about how the threshold will be set. Liability protections for expanded information sharing remain partly dependent on the durability of CISA 2015, which has repeatedly lapsed and been temporarily reauthorized. State-level AI legislation continues to proliferate notwithstanding the administration’s push for federal preemption, and companies should expect to navigate an overlapping federal-state compliance environment in the near term.
