Executive Order on Artificial Intelligence Expands Cybersecurity, Federal Oversight

The White House on June 2, 2026, issued an executive order (EO), titled "Promoting Advanced Artificial Intelligence Innovation and Security," establishing a voluntary framework permitting developers of certain advanced artificial intelligence (AI) models to voluntarily provide the federal government with model access prior to public release for cybersecurity and national security assessments.

The new framework also directs multiple agencies to strengthen federal cyber defenses, establish an AI cybersecurity clearinghouse and develop processes for identifying AI systems that may present heightened cybersecurity risks.

The EO represents the third major AI executive order of the Trump Administration's second term and marks a strategic shift from those prior orders. The earlier orders focused on eliminating regulatory barriers and asserting federal preemption of state AI laws, but this new order signals a growing recognition that advanced AI capabilities present national security concerns requiring coordinated government action.

Participation remains voluntary, but the increased federal attention to the cyber capabilities of frontier AI systems may establish new expectations regarding engagement between advanced AI developers and national security agencies. For companies developing advanced AI systems, the practical importance is that federal agencies will now have a structured pathway for engagement before certain models are released.

Key Provisions

The EO directs multiple agencies to prioritize AI-enabled cybersecurity, creates new mechanisms for collaboration between government and industry, and establishes a framework for identifying and evaluating frontier AI models that may present significant cybersecurity implications.

• Federal Cyber Defense Prioritization: Within 30 days, the Committee on National Security Systems, U.S. Department of War and U.S. Department of Homeland Security are directed to prioritize the cyber defense of national security systems, defense systems and civilian federal networks. The Cybersecurity and Infrastructure Security Agency (CISA) has been further directed to expand cybersecurity services and facilitate access to AI-enabled defensive tools for federal agencies, state and local governments, and critical infrastructure operators.
• AI Cybersecurity Clearinghouse: The U.S. Department of the Treasury, National Security Agency and CISA are directed to establish an AI cybersecurity clearinghouse in voluntary collaboration with the AI industry and critical infrastructure operators. The clearinghouse is intended to coordinate vulnerability discovery, software testing, remediation efforts and vulnerability disclosures.
• Federal AI and Cyber Workforce Expansion: Within 60 days, the Office of Personnel Management (OPM) must expand the U.S. Tech Force Information Cybersecurity Specialist hiring and placement pathways. The EO identifies workforce capacity as a component of national AI and cybersecurity readiness and directs OPM to strengthen federal recruitment and placement of technical personnel with cybersecurity expertise.                                            
• Covered Frontier Model Designation Process: Within 60 days, relevant agencies must develop a classified benchmarking process to assess advanced cyber capabilities of AI models and determine when a model should be designated as a "covered frontier model." Significant discretion is left to federal agencies regarding the criteria used to make such determinations, including the cyber capabilities that trigger designation, benchmarks used to evaluate those capabilities, thresholds for government engagement and categories of AI systems that may be subject to review.
• Voluntary Pre-Release Framework: Agencies are directed to establish a voluntary process for AI developers to engage with federal government agencies regarding covered frontier models. Participating developers may provide agencies access to covered models for up to 30 days before release to trusted partners and collaborate with the government regarding cybersecurity testing and secure deployment practices.
• AI-Enabled Cybercrime Enforcement: The U.S. Attorney General is directed to prioritize enforcement against criminal actors who use AI systems to unlawfully access computer systems, steal data or facilitate cybercrime.
• No Mandatory Licensing or Preclearance: The EO expressly states that nothing in the order authorizes a mandatory governmental licensing, permitting or preclearance requirement for AI model development, publication, release or distribution. This language appears intended to address concerns raised during the drafting process that federal review could become a de facto approval mechanism.

Potential Implications for AI Developers and Technology Companies

The immediate effect for developers is likely to be increased engagement with national security and cybersecurity agencies regarding frontier AI systems. Developers of highly capable models may face growing pressure from customers, policymakers and industry partners to participate in voluntary government-led security assessments.

There may be greater uncertainty regarding the definition of a "covered frontier model." The designation process will be developed through classified benchmarking procedures, limiting developer visibility into the threshold that would trigger federal interest.

Considerations for Companies

Companies developing advanced AI systems should review existing cybersecurity testing, vulnerability disclosure and model evaluation procedures to assess whether they align with the types of assessments contemplated by the EO, pending forthcoming guidance on the definition of frontier models that will be adopted by the government.

Critical infrastructure operators should monitor development of the AI cybersecurity clearinghouse and related federal programs that may provide access to enhanced cybersecurity services, vulnerability detection tools and AI-enabled defensive capabilities.  Financial institutions, healthcare providers, utilities and other operators identified in the EO may benefit from enhanced federal coordination regarding AI-related cyber risks.

Companies should recognize that the EO may represent an initial step toward a broader federal framework governing advanced AI capabilities. Though the current order emphasizes voluntary participation and rejects mandatory approval requirements, future executive actions, agency guidance or legislation could build upon the structures established by this EO.

Holland & Knight Can Help

Holland & Knight's Artificial Intelligence Policy Team continues to follow developments and will share additional analysis. If you have any questions about how this EO may impact your company, please contact the authors.

Information contained in this alert is for the general education and knowledge of our readers. It is not designed to be, and should not be used as, the sole source of information when analyzing and resolving a legal problem, and it should not be substituted for legal advice, which relies on a specific factual analysis. Moreover, the laws of each jurisdiction are different and are constantly changing. This information is not intended to create, and receipt of it does not constitute, an attorney-client relationship. If you have specific questions regarding a particular fact situation, we urge you to consult the authors of this publication, your Holland & Knight representative or other competent legal counsel.