Trump Signs Scaled‑Back AI Cybersecurity Order Targeting Critical Infrastructure

President Donald Trump signed an executive order on Tuesday that establishes a new federal framework for assessing artificial‑intelligence (AI) models before they become publicly available. The order assigns the Office of the National Cyber Director the responsibility of developing a process that would enable the government to share information about software vulnerabilities identified by AI systems with operators of critical infrastructure, including banks, local utilities and hospitals.

The original draft of the order called for a 90‑day review period and broader mandatory disclosures. After tech‑industry leaders expressed concern and the White House postponed the signing ceremony, Trump indicated he was dissatisfied with certain aspects of the initial proposal. The revised, scaled‑back version requires some AI companies to voluntarily submit their most powerful models for a 30‑day review before release.

Industry insiders had previously advocated for a shorter review window, even as brief as 14 days. The final compromise reflects a middle ground between the administration’s initial push for a longer, more stringent review and the sector’s desire for agility. The Office of the National Cyber Director will now craft guidelines that balance security needs with the pace of AI innovation.

Samir Jain, vice‑president of policy at the Center for Democracy and Technology, told Engadget that the order makes sense in principle, allowing critical‑infrastructure providers to patch vulnerabilities before AI capabilities spread widely. However, Jain also described the directive as “opaque,” noting that it provides little public visibility into how models are benchmarked or evaluated.

Jain warned that without transparent procedures, future administrations could wield the review process as a tool for political or ideological interference. "We don’t want a situation in which any administration can exercise arbitrary power over whether, when and how models are released," he said.

The move marks a departure from the Trump administration’s earlier AI policy, which focused largely on ideological concerns. Last summer’s AI Action Plan offered few guardrails for companies like OpenAI, and the administration previously sought to block procurement of AI systems deemed “woke.” The new order, by contrast, acknowledges genuine security risks posed by advanced AI and signals a willingness to intervene on technical grounds.

Critics argue that the voluntary nature of the review may limit its effectiveness, especially if major AI developers choose not to participate. Supporters contend that even a limited, collaborative review process could surface critical flaws before they affect essential services.

As the Office of the National Cyber Director begins work on the framework, stakeholders will watch closely to see whether the 30‑day window proves sufficient to identify and mitigate AI‑related vulnerabilities without stifling innovation.

This article was written with the assistance of AI.
News Factory SEO helps you automate news content for your site.