Trump AI plan calls for cybersecurity assessments, threat info-sharing

This audio is auto-generated. Please let us know if you have feedback.

The U.S. government will expand information sharing, cyber risk evaluations and guidance to the private sector to address the cybersecurity threats posed by artificial intelligence, according to an “AI action plan” that the Trump administration published on Wednesday.

“As our global competitors race to exploit these technologies, it is a national security imperative for the United States to achieve and maintain unquestioned and unchallenged global technological dominance,” President Donald Trump said in a preface to the 28-page document, which proposes a wide range of AI activities related to innovation, infrastructure and international engagement.

One part of Trump’s plan calls for the U.S. to help critical infrastructure operators protect their AI systems from hackers, a top priority as more infrastructure facilities incorporate AI to speed up and protect their industrial processes. “With continued adoption of AI-enabled cyberdefensive tools, providers of critical infrastructure can stay ahead of emerging threats,” the plan says. “However, the use of AI in cyber and critical infrastructure exposes those AI systems to adversarial threats.”

The plan recommends that the Department of Homeland Security create and run an information sharing and analysis center (ISAC) focused on AI “to promote the sharing of AI-security threat information and intelligence across U.S. critical infrastructure sectors.” Such an ISAC would be the first to not be associated with a specific sector.

Another recommendation calls for DHS to produce guidance for the private sector on fixing AI system vulnerabilities and countering hackers’ use of AI in their attacks. In addition, the plan says, federal agencies should prioritize sharing information about AI vulnerabilities with the private sector.

Trump’s plan argues that cyber defenders need to improve their responses to incidents involving AI vulnerabilities. The document recommends that the Center for AI Standards and Innovation (CAISI), housed at the National Institute of Standards and Technology (NIST), “partner with the AI and cybersecurity industries to ensure AI is included in the establishment of standards, response frameworks, best practices, and technical capabilities (e.g., fly-away kits) of incident response teams.” It also encourages CISA to update its incident response playbooks to address AI-specific considerations.

As AI systems grow more powerful, experts warn, “frontier” models will create novel risks, possibly enabling new kinds of cyberattacks or facilitating the construction of weapons of mass destruction. To get ahead of these threats, the plan calls for CAISI to partner with frontier model developers to evaluate their national security risks, and for NIST and other agencies to prioritize the recruitment of “leading AI researchers” who can conduct these “cutting-edge evaluations.”

Trump also wants CAISI to work with national security agencies to evaluate “potential security vulnerabilities and malign foreign influence arising from the use of adversaries’ AI systems in critical infrastructure and elsewhere in the American economy, including the possibility of backdoors and other malicious behavior.”

Secure AI software development

Trump’s AI agenda also flags the importance of weeding out security vulnerabilities in the AI software purchased by the government. “Promoting resilient and secure AI development and deployment should be a core activity of the U.S. government,” the plan says. It calls for the military and the intelligence community to publish standards that govern their use of the technology.

Other sections of the plan deal with the promotion of U.S.-friendly international AI standards and the protection of innovative research from foreign adversaries. On the international front, the document encourages the Departments of State and Commerce to “vigorously advocate for international AI governance approaches that promote innovation, reflect American values, and counter authoritarian influence.” To safeguard innovation, the plan recommends that CAISI to work with DHS and the Department of Defense to help AI developers protect their technology from hackers intent on stealing or sabotaging their work.

It remains unclear how effectively federal agencies reeling from Trump’s chaotic and wide-ranging workforce purge will be able to implement his ambitious AI agenda. The CAISI, to which the plan assigns many security-related projects, has struggled as NIST loses talented AI and cyber researchers. And the State Department’s recent reorganization and mass layoffs have undermined its tech and cyber diplomats’ ability to promote U.S. interests on issues like AI around the world, according to experts. Similarly, layoffs at CISA could make it harder for the cyber agency to manage new projects like an AI ISAC.

Trump’s AI plan represents a break from the approach that former President Joe Biden took with AI, which emphasized the importance of government oversight and bias prevention for the development of safe and responsible AI models. Trump scrapped Biden’s oversight mechanisms, and his new plan recommends removing “red tape and onerous regulation,” including by blocking federal AI funding to states with “burdensome” rules. In a nod to right-wing criticisms of AI safety work, the plan also calls for NIST to remove “references to misinformation, Diversity, Equity, and Inclusion, and climate change” from its AI Risk Management Framework and for other agencies to only buy “objective,” unbiased AI tools.