Time to keep up with AI-driven attacks is narrowing, OpenAI says

OpenAI is outlining a plan to expand access to advanced AI tools for cybersecurity defenders, warning that attackers are already using the technology to scale operations. In contrast, Anthropic has taken a more cautious stance, emphasizing tighter control and restricted access to advanced AI capabilities.


“Malicious actors are using AI to improve phishing, automate reconnaissance, accelerate malware development, evade detection, and increase the scale of cyber operations,” said Sasha Baker, Head of National Security Policy at OpenAI.

“These groups don’t need the most advanced frontier models to cause real harm; even capable mid-tier systems can provide meaningful operational advantage.”

OpenAI argues that treating these systems as too dangerous for widespread defensive use, or restricting them to a limited group of approved partners, is not the right approach.

Instead, the company believes the best approach is to equip trusted defenders faster than attackers can adapt, while maintaining safeguards and oversight.

This approach forms the core of OpenAI’s cybersecurity action plan, which is built around five pillars:

  • Democratizing cyber defense
  • Coordinating across government and industry
  • Strengthening security around frontier cyber capabilities
  • Preserving visibility and control in deployment
  • Enabling users to protect themselves

Democratizing cyber defense

OpenAI said it will expand access to advanced cybersecurity AI through its Trusted Access for Cyber (TAC) program, which provides vetted defenders with more capable models for defensive work. The program uses tiered access based on trust level and mission needs, with stricter controls applied to more powerful capabilities.

The company plans to extend access to government agencies, large industry players such as cloud and security providers, and smaller critical infrastructure providers through intermediaries. The aim is to support defenders at scale while maintaining oversight and limiting misuse.

Coordinating across government and industry

Giving defenders access to AI tools is not enough on its own, OpenAI notes. To make those tools useful at scale, everyone involved in cybersecurity needs to work together and share information quickly.

The plan calls for a shared understanding of threats, faster exchange of threat intelligence, and closer alignment on priority sectors and use cases. It also points to existing government channels for cyber defense and highlights the need for stronger cooperation across AI labs to track misuse and emerging threats.

“We want to plug into the structures that government already uses for cyber defense and incident response—including existing cyber defense, intelligence-sharing, and incident response channels,” Baker added.

Strengthening security around frontier cyber capabilities

Preventing unauthorized access to models, data, and systems is described as a key safety measure. Internal security is being strengthened through tighter access controls, stronger segmentation, enhanced monitoring, and improved supply chain protections.

External partners are also being involved to test defenses and assess security. Insider risk is highlighted as a major concern, with steps taken to improve access controls, auditability, and monitoring.

“We are increasingly using our own technologies to augment defenders internally, including helping identify vulnerabilities in code, surface suspicious network activity, accelerate defensive workflows, and disrupt malicious uses of AI. Frontier cyber capabilities need to be deployed for both securing customers externally and strengthening our own resilience as well,” Baker noted.

Preserving visibility and control in deployment

Expanding access to advanced AI tools must be paired with strong oversight and the ability to detect misuse. OpenAI says access should be tiered based on user identity, use case, and security posture, with stricter requirements for more capable systems.

Built-in safeguards apply to general users, while higher-trust users are subject to additional monitoring, including the use of threat intelligence to identify suspicious activity. The company also stresses the need for ongoing control after deployment, with the ability to adjust restrictions, limit access, or revoke it if misuse is detected.

Enabling users to protect themselves

OpenAI believes cybersecurity should not be limited to governments and large organizations, and that everyone should have access to tools that help them stay safe online.

The company notes that millions of users already rely on ChatGPT to check suspicious messages and understand potential risks. It plans to introduce additional features to improve account security and provide more accessible guidance, particularly for households and small businesses.

“AI will reshape cybersecurity whether institutions are ready or not. This moment is a wake-up call, and we have a limited window of time to get it right,” concluded Baker.
