
On June 2, 2026, President Trump signed an executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security” (the “Executive Order”). The Executive Order directs federal agencies to partner with the private sector to harden critical infrastructure systems against AI-enabled cyber threats. The Executive Order emphasizes voluntary participation by developers, pivoting from earlier deliberations about mandating government approval of new AI systems. Key aspects of the Executive Order include pre-release government review for advanced AI models (including providing the federal government with access to covered frontier models for up to 30 days before release to other trusted partners), an AI cybersecurity clearinghouse, enhanced enforcement of federal criminal statutes against AI-enabled cyber crimes, and directives for the Department of Defense and CISA to bolster the cyber defenses of federal systems. Apart from the pre-release review period, and influence on government procurement activities, the Executive Order does not contain any legally binding requirements or rights for companies. 

Background 

The Executive Order was issued against the backdrop of heightened concern about the cybersecurity implications of the latest generation of advanced AI models. Frontier model developers have recently begun to announce models with unprecedented capabilities to identify network vulnerabilities in widely used software that forms the backbone of the world’s critical network infrastructure.

US government officials, cybersecurity experts, and leaders in critical infrastructure sectors have expressed concern that improved models may threaten national security if they fall into the wrong hands. These recent breakthroughs prompted the Trump administration, which had formerly taken a hands-off approach to AI regulation, to advance efforts to create AI policy addressing a range of security questions. 

As the policy developed, it became a source of debate between administration officials who favored a light-touch approach to foster innovation and keep pace with AI advancements abroad and those who argued that the advanced technology required new guardrails for AI development. In late May, plans for a signing ceremony were cancelled at the last minute. The President suggested that he “didn’t like certain aspects” of the order and worried it would undercut US competition against China in the AI race.

Voluntary framework for frontier model review 

The Executive Order directs multiple federal agencies, including the Treasury, War, and Homeland Security Departments, to develop a classified benchmarking process and a voluntary engagement framework within 60 days. The Director of the NSA will then assess the advanced cyber capabilities of AI models and determine the threshold at which models should be designated “covered frontier models.”

Under the voluntary engagement framework, developers will be able to: (a) engage the federal government to determine whether a model under development meets the designation of a covered frontier model; (b) provide the federal government with access to covered frontier models, subject to appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements, for a period of up to 30 days before they plan to release such models; and (c) collaborate with the federal government to select trusted partners that will have early access to covered frontier models to strengthen the cybersecurity of critical infrastructure. The Executive Order expressly states that the framework is voluntary and does not offer any particular rights, immunities from liability, trade secret protection, or resources to companies that choose to participate.

While the framework represents a novel approach to AI safety nationally, a number of jurisdictions globally, including Singapore, China, and South Korea, have introduced similar measures. Reporting suggested that the White House modelled the framework on a similar UK proposal currently under consideration.

Other Provisions

Building on recent cybersecurity Executive Orders 14144 and 14306, the Executive Order also directs rapid action to strengthen the cyber defenses of federal and critical infrastructure systems against AI-enabled threats. It also calls for Binding Operational Directives, expanded federal cybersecurity programs, and broader access to AI-enabled defensive tools and services for agencies, state and local governments, and critical infrastructure operators such as hospitals, banks, and utilities. In addition, the order requires the Treasury Department to establish an AI cybersecurity clearinghouse to coordinate vulnerability scanning, validation, remediation, and patch distribution in voluntary collaboration with industry and critical infrastructure operators. The Executive Order further directs the US Attorney General to prioritize the enforcement of applicable federal identity fraud, unauthorized computer access, and wire fraud laws against anyone who utilizes AI to illegally access or damage a computer without authorization.

The actions, agencies and timing of this whole-of-government approach are outlined in the table below.

| Action | Timeline | Responsible agencies |
| --- | --- | --- |
| Prioritize cyber defense of National Security Systems | 30 days (by July 2, 2026) | Committee on National Security Systems |
| Prioritize cyber defense of Department of War information systems | 30 days (by July 2, 2026) | Secretary of War |
| Issue Binding Operational Directives and guidance to strengthen civilian federal cybersecurity and AI-enabled defenses | 30 days (by July 2, 2026) | Secretary of Homeland Security (through CISA), in consultation with OMB, National Security Advisor, and National Cyber Director |
| Establish AI cybersecurity clearinghouse for vulnerability coordination and remediation | 30 days (by July 2, 2026) | Secretary of the Treasury, in consultation with NSA (via Secretary of War), CISA, and National Cyber Director |
| Assess availability of federal grant funding for AI vulnerability detection projects | 30 days (by July 2, 2026) | Director of OMB, in coordination with National Cyber Director and CISA |
| Expand federal cybersecurity hiring pathways (Tech Force Information Cybersecurity Specialist) | 60 days (by August 1, 2026) | Director of the Office of Personnel Management |
| Develop benchmarking process for AI cyber capabilities and “covered frontier model” designation | 60 days (by August 1, 2026) | Secretary of the Treasury; Secretary of War (through NSA); Secretary of Homeland Security (through CISA), in consultation with NCD, APST, NIST, and others |
| Design voluntary framework for government engagement with AI developers (including early access to frontier models) | 60 days (by August 1, 2026) | Same interagency group led by Treasury, NSA, and CISA with White House and Commerce coordination |
| Prioritize enforcement of federal criminal laws against AI-enabled cyber offenses | Ongoing (effective immediately from June 2, 2026) | Attorney General |

Author

Adam Aft helps global companies navigate the complex issues regarding intellectual property, data, and technology in product counseling, technology, and M&A transactions. He leads the Firm's North America Technology Transactions group and co-leads the group globally. Adam regularly advises a range of clients on transformational activities, including the intellectual property, data and data privacy, and technology aspects of mergers and acquisitions, new product and service initiatives, and new trends driving business such as platform development, data monetization, and artificial intelligence.

Author

Sumon Dantiki is co-chair of the Firm’s National Security Practice and a member of the Litigation and Government Enforcement Practice Group, based in the Firm's Washington, DC office. Sumon is widely recognized as a leading professional on issues involving security, technology and law. Sumon held several senior positions with the US Department of Justice (DOJ), including serving as Senior Counselor to the Director of the Federal Bureau of Investigation (FBI).

Author

Lothar has been helping companies in Silicon Valley and around the world take products, business models, intellectual property and contracts global for nearly 20 years. He advises on data privacy law compliance, information technology commercialization, interactive entertainment, media, copyrights, open source licensing, electronic commerce, technology transactions, sourcing and international distribution at Baker McKenzie in San Francisco & Palo Alto.

Author

William (Widge) Devaney is the chair of Baker's North American Litigation and Government Enforcement Group, and co-chair of its Global Disputes Group.

Author

Katherine (Kate) Hanniford is a partner in the Commercial Practice Group in Baker McKenzie’s Washington, DC office. Kate advises multinational companies on privacy and security issues across the data life cycle, including designing and implementing enterprise-wide privacy and security programs, compliance strategies, transactional privacy matters and regulatory enforcement. Kate has led large-scale incident responses involving public issuers, financial institutions, healthcare companies, broker-dealers and investment advisers, and has handled major breaches, including one of the largest attacks on US critical infrastructure in recent history.

Author

Brian Hengesbaugh is Global Chair of Baker McKenzie's Data & Cyber Practice. Formerly special counsel to the general counsel of the US Department of Commerce, Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce. In particular, he served on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement (Safe Harbor) and earned a Medal Award from the US Department of Commerce for this service.

Author

Keo McKenzie is a partner in Baker McKenzie's Intellectual Property and Technology Practice Group (IPTech), based in the Firm’s Palo Alto office. Keo has significant experience advising multinational technology, life sciences, and healthcare companies with complex matters related to regulatory and transactional issues presented by digital health technologies.

Author

Cristina Messerschmidt is a partner in the Data and Cyber practice group based in Chicago, advising global organizations on data privacy and cybersecurity compliance requirements, data security incident response, and legal issues related to AI.

Author

Justine focuses her practice on both proactive and reactive cybersecurity and data privacy services, representing clients in matters related to information governance, diligence in acquisitions and investments, incident preparedness and response, the California Consumer Privacy Act, privacy litigation, and cyber litigation.

Author

Elizabeth Roper is a partner in Baker McKenzie's North America Litigation and Global Dispute Resolution Practice. She is based in the New York office. Prior to joining the firm, Liz served in the Manhattan District Attorney's Office as Bureau Chief of the Cybercrime and Identity Theft Bureau (CITB). In this role, Liz directed the investigation and prosecution of all types of cybercrime impacting Manhattan, including sophisticated cyber-enabled financial crime such as identity theft, payment card fraud, and money laundering; network intrusions, hacking, ransomware, and "middleman" attacks; intellectual property theft; "dark web" trafficking of contraband; and the theft and illicit use of cryptocurrencies.

Author

Rod Rosenstein is a member of the North America Litigation & Government Enforcement Practice Group and the Global Dispute Resolution Practice Group, based in the Firm’s Washington, DC office. He is Chair of the Firm’s National Security Practice, a team of former US government officials, former prosecutors, trade practitioners, and data privacy and cyber lawyers. During the administrations of Presidents George W. Bush, Barack Obama and Donald Trump, Rod held senior political appointments as the Deputy Attorney General of the United States, US Attorney for the District of Maryland, and Principal Deputy Assistant Attorney General for tax enforcement in the US Department of Justice.

Author

Cyrus Vance Jr. is a partner in Baker McKenzie's North America Litigation and Government Enforcement Practice as well as the Firm's Global Compliance and Investigations Practice. He is based in New York and serves as Global Chair of the Cybersecurity Practice.