The Trump administration is preparing to order US agencies to partner with artificial intelligence companies to protect networks from AI-enabled cyber attacks, though the directive would stop short of requiring government approval for cutting-edge models, according to people familiar with the matter. 

A draft executive order from President Donald Trump would revamp existing cybersecurity information-sharing programs to include AI companies and address threats posed by the emerging technology, said the people, who spoke on condition of anonymity to discuss confidential proceedings. 

Those changes would make it easier to find and patch vulnerabilities across federal, state and local networks, as well as critical US infrastructure, without mandating new oversight of AI models, the people said.

In response to a request for comment, a White House official characterised discussion of potential executive orders as speculation and said that any policy announcement would come directly from Trump. Spokespeople for top AI developers OpenAI and Anthropic PBC didn’t immediately respond to messages seeking comment.

The directive is taking shape about a month after Anthropic revealed that its breakthrough Mythos model was extraordinarily adept at finding network vulnerabilities and could pose a major cybersecurity risk. The company has limited Mythos access for now to a handful of large tech and Wall Street companies, amid broader global alarm about the new threats it could pose to critical systems.

The planned order wouldn’t require companies to allow the government to test their models before release, according to the people. Earlier thinking about mandating government approval of new AI systems is falling out of favour and the directive now emphasises voluntary participation by developers, the people said.

Trump’s chief of staff, Susie Wiles, who has begun to take a more direct role in shaping AI policy, said late Wednesday that the US government would refrain from playing favourites in the AI race. 

"When it comes to AI and cyber security, President Trump and his administration are not in the business of picking winners and losers,” Wiles wrote on X. "This administration has one goal; ensure the best and safest tech is deployed rapidly to defeat any and all threats.”

Trump administration officials have been pushing to make Mythos more widely available to federal agencies to test their networks for security flaws. White House officials recently rejected Anthropic’s plans to distribute Mythos to several dozen additional companies and organisations, citing security concerns.

The Mythos breakthrough has prompted administration officials to accelerate existing efforts to craft AI policy that would address a range of security issues. Wiles and other administration officials met on April 17 with Anthropic Chief Executive Officer Dario Amodei, where topics discussed included Mythos.

The US already runs a voluntary program to evaluate AI systems before their release, and on Tuesday the Commerce Department announced an expansion of the initiative. Alphabet Inc’s Google, Microsoft Corp and xAI have agreed to give the US government access to their models to assess the systems’ capabilities and help improve security. OpenAI and Anthropic were already part of the initiative, led by the department’s Center for AI Standards and Innovation.

The order wouldn’t name any specific AI companies as partners, nor would it bar Anthropic from participating in information sharing related to cyber threats. Anthropic is fighting the supply-chain risk designation in court, and defence officials have signalled recently that they regard the cyber capabilities of the company’s Mythos model as a distinct issue.

Timing of that memo remains fluid, and the document wouldn’t lift the Pentagon’s supply-chain declaration. But its language would address some of the concerns raised by the Pentagon and Anthropic during increasingly tense contract negotiations.

The US already facilitates public-private partnerships focused on cybersecurity similar to the one outlined by the planned order. These run primarily through the FBI and the Cybersecurity and Infrastructure Security Agency, which work with private companies to investigate hacks, mitigate damage and share intelligence to aid in attack recovery. 

Under that model, private companies agree to cooperate because it enhances their own security. The pending order would offer similar incentives for AI companies. – Bloomberg