Trump Signs AI Executive Order, But Government Faces Hard Implementation Questions
President Trump signed an executive order on AI on June 2 that marks a significant shift for an administration that has resisted regulating artificial intelligence. The order requires AI companies to voluntarily submit their most powerful models to federal cybersecurity review for up to thirty days before public release.
The move signals acknowledgment of real security risks. Researchers have documented that advanced AI systems like Anthropic's Claude can autonomously identify and exploit vulnerabilities in software. State-aligned actors are already using frontier AI models to automate cyberattacks.
But the order's real test lies in execution-and the government is not well positioned to manage it.
The Order's Structure
The executive order, titled "Promoting Advanced Artificial Intelligence Innovation and Security," attempts to create what officials call a cybersecurity window of opportunity. The idea is simple: give defenders access to powerful AI capabilities before adversaries get them, then use that time to find and patch software vulnerabilities.
A Treasury Department-led clearinghouse would coordinate this work across AI firms, technology companies, and critical infrastructure operators. The National Security Agency would run a classified process to identify which models require review.
This represents a retreat from an earlier May version that would have imposed a ninety-day review period. That version was pulled after concerns it would handicap U.S. AI labs competing against China. The final order cuts the window to thirty days.
Where Implementation Breaks Down
Finding vulnerabilities is the easy part. Fixing them across thousands of organizations is not.
School districts, water treatment facilities, and other under-resourced critical infrastructure operators struggle with basic cybersecurity practices. Many lack staff or budget to patch systems consistently. The federal government itself has cut cybersecurity workforce capacity substantially in the past eighteen months, making it poorly equipped to coordinate a national software hardening campaign.
Open-source projects pose another problem. No single entity controls them, so coordinating patches is difficult. Even when patches exist, organizations often fail to deploy them quickly enough.
The Treasury Department's prominent role in executing this order may reflect reality rather than ideal bureaucratic design. It's one of the few agencies with remaining institutional capacity for this work.
The Capability Gap
Pre-deployment testing has inherent limits. Models that cannot identify vulnerabilities may not be commercially viable. Frontier AI labs will likely participate voluntarily-if only to avoid stricter regulation later-but other models will soon replicate these capabilities.
Researchers have already shown that vulnerability-finding abilities can be reproduced in open-weight systems, meaning capabilities will spread beyond the labs that first develop them.
Ransomware gangs may still find it cheaper to buy stolen credentials than develop AI-driven attack chains. The most sophisticated state actors, including China, already penetrate poorly defended networks without needing advanced AI tools.
Unresolved Conflicts Within Government
The order arrives amid internal disagreement about how to compete with China on AI. The Pentagon is pushing to integrate frontier AI into military operations and seeking nearly $30 billion for its own AI infrastructure.
Yet in February, the Pentagon designated Anthropic a supply-chain risk after the company declined to waive restrictions on mass surveillance and autonomous weapons. The Pentagon continued using Anthropic's Claude anyway while searching for alternatives.
This conflict reflects competing priorities: racing ahead to maintain advantage, asserting government control for military benefit, or acting now to mitigate risks. The order addresses only the third question.
The Definitional Problem
The order's success depends on clearly defining what counts as a "covered frontier model" requiring review. This is harder than it sounds.
Frontier AI systems are probabilistic, not deterministic. They exhibit new behaviors as they scale. A model that appears unremarkable in testing can become a potent cyber tool when integrated into a real-world system with access to infrastructure.
Define the trigger too narrowly and dangerous capabilities ship without evaluation. Define it too broadly and the government exhausts limited talent doing repetitive reviews of yesterday's models.
The Collaboration Question
The voluntary framework depends on genuine collaboration between government and AI labs. The national security community needs to build real tradecraft for evaluating probabilistic, autonomous systems that change with every update.
Frontier labs often see existential risk everywhere without experience judging which risks matter. The national security community sees risk everywhere without technical depth to distinguish novel threats from familiar ones.
If both sides treat this as honest exchange rather than box-checking, the framework could help rebuild trust between Silicon Valley and Washington. If not, it becomes theater.
The Timing Problem
Frontier AI capabilities advance on a timeline measured in months. Government institutions move on a timeline measured in years. The classified benchmarking process will need to match technology's pace or it will assess old models against old threats.
This order asks the right question: How does the United States evaluate the most powerful AI systems for national security risk while preserving innovation advantage? The answer depends on whether government can actually execute it.
For government professionals working on AI policy or cybersecurity, understanding this order's gaps is as important as understanding its intent. AI for Government resources can provide context on how these policies are likely to develop. Those involved in policy analysis may find AI Learning Path for Policy Makers useful for deeper understanding of AI governance frameworks.
Your membership also unlocks:
