Where’s the sweet spot between speed and safety? On Tuesday, US President Donald Trump signed an executive order on artificial intelligence (AI) that aims to promote innovation while managing emerging security risks. To strike this balance, the executive order sets up a voluntary framework, under which tech companies can give the US government access to frontier AI models for thirty days before the models are released to the public. This lead time is intended for officials to identify and address potential cybersecurity threats from the new technology. After digging into what’s in—and not in—the order, our experts delivered their reactions below.
Click to jump to an expert analysis:
Tess deBlanc-Knowles: A promising step, but implementation headaches abound
Nitansha Bansal: A landmark shift toward caution on AI
Raul Brens Jr.: This order needs to be the beginning of a broader resilience agenda
Steven Tiell: The AI governance gap this order won’t close
Jen Roberts: The US will gain an offensive cyber advantage
Safa Shahwan Edwards: Access to frontier AI models does not mean capacity to use them
Sara Ann Brackett: A new vulnerability “clearinghouse” will cause confusion
Will LaRivee: The order could lead to strengthened global coordination on cybersecurity
Kit Conklin: The order strikes the right balance in its “dual mandate”
Matt Petit: How the new executive order stacks up against China’s measures
A promising step, but implementation headaches abound
This executive order seeks to manage cybersecurity risks of frontier AI models without imposing a regulatory or pseudo-regulatory framework, positioning the federal government to better prepare for emerging cyber capabilities of AI models in close collaboration with industry. It’s a promising step.
The process it lays out for secure model deployment offers two clear benefits. First, it gives developers clarity in expectations, alleviating the burden of inventing risk-management processes from scratch, as Anthropic recently had to do with its Mythos model and the resulting Project Glasswing. Second, it provides the federal government with a structure to harden its own systems and critical infrastructure ahead of new model releases, a significant strategic advantage in today’s geopolitical climate.
But, as with every policy, success will hinge on implementation, and three challenges stand out:
- The voluntary nature of the framework means it is dependent on the goodwill of private sector partners. It’s easy to imagine a developer rushing a model to market rather than waiting on a federal process.
- A classified benchmarking process is an additional challenge to creating shared expectations and understanding with industry, since the criteria can’t be openly shared.
- The order creates a parallel track for model evaluation for national security risks, work that had been previously led by the Center for AI Standards and Innovation (CAISI) within the National Institute of Standards and Technology. In breaking out a distinct evaluation process for cyber capabilities (originally a component of CAISI’s mandate), the order risks confusing industry about which agency to work with and on what.
Whether the order delivers on its promise will depend on how collaboratively it is put into practice.
—Tess deBlanc-Knowles is the senior director of the Atlantic Council Technology Programs. She previously served as the National Science Foundation’s special assistant for AI and as a senior policy advisor at the White House Office of Science and Technology Policy.
A landmark shift toward caution on AI
By ordering the development of a voluntary benchmarking process, the Trump administration continues to walk the tightrope between regulating AI and creating an environment for companies to innovate faster than adversaries.
The timing is notable. Reports surrounding Anthropic’s Mythos model appear to have reinforced concerns that frontier AI models may possess cyber and strategic capabilities that governments can no longer afford to evaluate only after public deployment. Moreover, tensions between Anthropic and the US government highlight the unresolved question of how much oversight Washington should have over the most advanced models.
Two years into its second term, the administration seems to acknowledge that some AI risks can only be mitigated by regulation. The administration is right to focus on cyber capabilities, where the risks are more immediate and directly relevant to national security. The effectiveness of the benchmarking process will, however, depend on what benchmarks will be used, which capabilities will trigger review, how results will be assessed, and what actions will follow if serious risks are identified.
This executive order has the potential to be the moment in US history when the federal government formally shifted its policy from “AI innovation at all costs” to “AI innovation with caution.” Will today’s voluntary benchmarking process evolve into tomorrow’s regulatory architecture?
—Nitansha Bansal is an associate director with the Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs.
This order needs to be the beginning of a broader resilience agenda
The new AI executive order shows that Washington is starting to reckon with a harder strategic reality, one in which advanced models are exposing cybersecurity vulnerabilities at a pace that outstrips slow-moving governments’ and critical infrastructure operators’ ability to respond. That challenge was on full display in the gap between the announcement of Mythos and the US government’s effort to coordinate a unified response, roughly two months.
Even with that delay, this is still a very important move. Washington has spent the past two years debating AI governance and seeking to take a hands-off approach to preserve the United States’ innovative edge. But in the process, a different unexpected problem came into view, one with real consequences for both private and public systems. This has created the pressure for an urgent response and a faster shift toward preparedness, and toward rules that create enough buffer for institutions to absorb the consequences of frontier models before they become unmanageable.
The open question is whether that buffer is actually long enough. If the fastest rulemaking response took around sixty days, then it’s fair to ask whether the thirty-day window contemplated here gives institutions enough time—especially those that already lack the capacity to move quickly.
What we should assume is that US adversaries are generally closer to the United States’ technological advances than Americans are comfortable admitting. These are not abstract risks. They are real vulnerabilities that could affect large parts of the American public as similar capabilities diffuse beyond US models. Hopefully, this executive order is the beginning of a broader resilience agenda, because that is what this moment increasingly demands.
—Raul Brens Jr. is director of the GeoTech Center, part of the Atlantic Council Technology Programs.
The AI governance gap this order won’t close
The new executive order on AI innovation and security signals something important: The federal government is no longer treating frontier AI as an abstract future risk. The creation of a classified benchmarking process, a cybersecurity clearinghouse, and a voluntary framework for engaging frontier model developers all reflect a meaningful step forward and a shift in how Washington thinks about AI as infrastructure.
But here’s what the policy community should watch carefully: The executive order’s framing is almost entirely security-focused. It focuses on protecting US systems from adversary exploitation and hardening critical infrastructure, legitimate and urgent priorities. What it largely sidesteps is the governance problem. How should federal agencies actually use AI responsibly once they have access to it?
The thirty- and sixty-day action items are operationally sensible, but they also delegate enormous discretion to the National Security Agency, the Cybersecurity and Infrastructure Security Agency, and Treasury to define terms like “covered frontier model” through a classified process with limited transparency. That creates a structural accountability gap and misses an important opportunity to build trust. Congress, state and local governments, and critical infrastructure operators will be asked to act on assessments they cannot independently verify. For healthcare systems, utilities, and financial institutions—already navigating a patchwork of sector-specific AI rules—voluntary frameworks are unlikely to take hold, especially when the underlying benchmarks are opaque.
Industry applauds “partnership over prescription,” but voluntary frameworks consistently fail at resolving liability, incident reporting, or procurement standards. Agencies like the Department of Health and Human Services or the Centers for Medicare and Medicaid Services, which are actively deploying AI in high-stakes clinical and benefit-determination contexts, need more than early access windows—they need clear accountability structures throughout the AI lifecycle and for those times when things go wrong.
This order moves the ball. But the harder work of building durable, transparent, and enforceable AI governance for the public sector remains a massive opportunity that’s largely unaddressed.
—Steven Tiell is a nonresident senior fellow with the GeoTech Center, part of the Atlantic Council Technology Programs.
The US will gain an offensive cyber advantage
Several provisions outlined in this executive order have downstream effects for US adversaries. In the short term, this impacts ransomware or cybercriminal groups that seek easy victims and slow patches. By centralizing vulnerability intelligence and directing assistance toward state and local governments and operators of critical infrastructure, such as rural hospitals, community banks, and local utilities, this order directly counteracts the business model of these opportunistic groups. For states like China, Russia, North Korea, and Iran, this poses less friction. They largely run on vastly different modus operandi than nonstate actors, operate outside of the voluntary framework proposed in this order, and can continue to benefit from access to open frontier models.
The order’s impact on adversaries might be better seen in the long run, especially given the provision on the National Security Agency’s classified benchmarking process. Over time, systematically assessing and mapping the offensive ceiling of frontier models prior to public release gives the US government a significant intelligence advantage, which will impact defensive and offensive doctrine in the future.
—Jen Roberts is an associate director with the Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs.
Access to frontier AI models does not mean capacity to use them
It’s positive to see this executive order offer guidance to make cybersecurity tools and services, as well as frontier models, available for state and local authorities and critical infrastructure owners. That said, access alone won’t guarantee effective use. Many of these aforementioned organizations are resource-constrained and lack the institutional capacity to take full advantage of these tools.
Expanding access to tools and services is a positive first step, but what seems to be missing here is corresponding investments in training and capacity building to help realize this order’s intended impact. Presumably, this section of the order attempts to address some of the questions that emerged after the announcement of Anthropic’s Glasswing Initiative, specifically, which organizations get early access to these new, powerful AI models?
—Safa Shahwan Edwards is the director of the Capacity Building Initiative, part of the Atlantic Council Technology Programs.
A new vulnerability “clearinghouse” will cause confusion
Section 2(d) of the order directs the secretary of the Treasury to establish “an AI cybersecurity clearinghouse” for vulnerability scanning, validation, and remediation. This assignment is puzzling, especially on the heels of last week’s inspector general report highlighting overlapping mandates and insufficient funding for the National Vulnerability Database, the existing national vulnerability clearinghouse.
The Cybersecurity and Infrastructure Security Agency and National Institute of Standards and Technology have already duplicated vulnerability enrichment efforts, and the National Vulnerability Database still faces a historically high backlog amid an increase in vulnerability submissions. Adding Treasury to the vulnerability clearinghouse mix without providing additional resources to the already struggling agencies or without resolving the ambiguities that produced the current overlap will add another cook to an already crowded kitchen.
Meeting the challenge of AI capabilities for cybersecurity requires foundational improvements to existing vulnerability efforts. Without those improvements, the administration’s new clearinghouse could contribute to an existing challenge without providing solutions.
—Sara Ann Brackett is an associate director with the Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs.
The order could lead to strengthened global coordination on cybersecurity
The executive order is modest by design and is unlikely to reshape the AI market directly, but its real significance lies in the precedent it sets and the signal it sends to companies and global partners. For the industry’s major players, the most immediate implications will remain voluntary, collaborative efforts to establish and adhere to a classified benchmarking and pre-release testing process. Yet companies such as Anthropic and OpenAI have already established internal capability evaluations, red-teaming programs, and frontier risk frameworks to address cybersecurity concerns, so the order arguably formalizes activity underway rather than establishing a new approach.
Instead, perhaps the order’s most significant impact is its demonstration that cybersecurity poses one of the first visible constraints on the administration’s otherwise pro-growth AI posture. Recent technical demonstrations like Anthropic’s Claude Mythos preview have underscored the tangible threats that the next generation of frontier models pose to today’s cyber networks and appear to have helped galvanize the current administration’s first concrete steps toward AI safety. While the order explicitly rejects mandatory licensing regimes, consistent with previous administration policies, its voluntary benchmarking process could still shape emerging industry standards around frontier model security as a framework for government model adoption.
The opportunity for international cooperation is narrow but real. While sweeping safety agreements and multilateral networks remain unlikely with current global leadership, common benchmarks and coordinated vulnerability disclosure channels may be more plausible outcomes. If the United States can codify this approach into an operational model for cyber defense, the order’s larger impact may be strengthened global coordination around security practices rather than direct industry regulation.
—Will LaRivee is a resident fellow at the GeoTech Center, part of the Atlantic Council Technology Programs. He previously served as a strategic planner at Headquarters Air Force.
The order strikes the right balance in its “dual mandate”
Similar to the US Federal Reserve’s “dual mandate,” the US government now has a dual mandate for AI: maintain economic competitiveness while simultaneously addressing national security risks. The executive order strikes the right balance between those two mandates, at least for now. The United States is in a strategic competition with China over which will lead the next generation of frontier AI systems. The US government needs to help the American AI industry expand its global lead across the full tech stack, not slow it down with bureaucratic red tape. At the same time, frontier models are beginning to create real national security implications, particularly in cybersecurity, critical infrastructure defense, and the potential misuse of advanced models by adversaries and nonstate actors to develop weapons of mass destruction.
The strength of this order is that it recognizes the “AI dual-mandate.” It supports rapid innovation and government adoption while creating practical mechanisms for the federal government and industry to work together on the highest-risk models. A voluntary framework for evaluating covered frontier models, paired with classified benchmarking and strong protections for intellectual property and confidentiality, is a far better approach than broad, overreaching preclearance or licensing requirements. It allows the United States to understand and mitigate emerging risks without ceding the innovation race to Beijing.
Overall, this order delivers on the AI dual mandate. It keeps American AI ahead of Beijing while keeping the most dangerous capabilities out of the wrong hands.
—Kit Conklin is a nonresident senior fellow at the GeoTech Center, part of the Atlantic Council Technology Programs.
How the new executive order stacks up against China’s measures
On the surface, this executive order mirrors measures China has taken to protect its own AI industry. Like China, the US government is requiring more government oversight on frontier models through the “covered” designation, raising federal AI cybersecurity standards, and pushing for local industry to adopt these covered models.
But there are a few structural differences that reveal vulnerabilities for both countries.
- To reduce friction and foster innovation, Section 3(c) prohibits US agencies from “mandating pre-release code-audits, licensing, or permitting regimes.” By contrast, the Cyberspace Administration of China imposes granular analysis and approval of initial code, mandatory pre-release safety evaluations, and (crucially) political alignment.
- China’s system integrates approved models fast, widely, and cheaply. Once a model receives approval, the Chinese government pushes early model release deep into the country’s industrial base, enabling testing and feedback and rapidly bringing Chinese models into national production cycles. By contrast, an executive order determines only the executive branch’s operations; it carries no legislative weight. Relying on adoptive momentum through the AI “trusted partner” ecosystem creates a severe imbalance between these largely elite, early access partners and the local infrastructure the administration is trying to protect. Fully integrating covered models at that level would require widespread local, state, and federal lawmaking to match China’s effectiveness.
- China’s top-down system for “covered models” dramatically reduces the likelihood of adversarial cyber exploits. But it also introduces politically motivated blind spots and opens the door for errors carried forward into a national economic system. While the White House’s new order aims to improve federal AI cybersecurity, its prohibition against code audits retains serious structural vulnerabilities. Chinese capital is deeply rooted in the US tech industry and presents early risks of data poisoning, backdoor exploits, and capability manipulation.
—Matt Petit is a nonresident senior fellow with the GeoTech Center, part of the Atlantic Council Technology Programs.