OpenAI Outlines Plan to Mitigate Cybersecurity Risks from Advanced AI Models

Executive Summary

OpenAI has publicly detailed its proactive strategy to manage the dual-use nature of its advanced AI models and the potential for 'high' level cybersecurity risks. Acknowledging the rapid advancement of its models, the company will now default to treating all future frontier models as capable of significantly enhancing cyber operations, such as automating vulnerability discovery and exploitation. To govern this, OpenAI is establishing a 'Frontier Risk Council' of external cybersecurity experts to provide oversight. It is also launching a tiered 'trusted access program' to provide its most powerful capabilities exclusively to vetted partners for cyber defense purposes. This initiative aims to empower defenders while preventing misuse, reflecting a broader industry concern following reports of AI being used in state-sponsored cyberattacks.

Regulatory Details

While not a formal regulation, OpenAI's announcement represents a significant step in self-governance for the AI industry. The core of the strategy is built around OpenAI's Preparedness Framework, which defines risk levels based on a model's capabilities.

• 'High' Risk Designation: OpenAI will now preemptively classify future models as potentially reaching this level. A 'High' risk model is one that could provide a step-change in malicious cyber capabilities, such as finding novel vulnerabilities in code automatically or scaling sophisticated social engineering campaigns.
• Frontier Risk Council: This external advisory body, composed of cybersecurity professionals, will work with OpenAI's internal safety teams to assess risks and guide the development and deployment of new models.
• Trusted Access Program: This initiative will create a tiered system for accessing OpenAI's most advanced AI capabilities. The highest tiers will be restricted to qualified organizations focused on cyber defense, ensuring that powerful tools are used to strengthen security rather than undermine it.
• Industry Collaboration: OpenAI is also working with competitors like Anthropic through the Frontier Model Forum to share threat intelligence and best practices on preventing the malicious use of AI.

Affected Organizations

The primary organization is OpenAI itself, which is implementing these policies. The strategy will also affect:

• Cybersecurity Defenders: Vetted organizations will gain access to powerful new AI tools to enhance threat detection, vulnerability analysis, and incident response.
• AI Users: General access to the most powerful models may be more restricted or delayed as safety reviews are conducted.
• The AI Industry: OpenAI's move sets a precedent for other AI labs to adopt similar proactive risk management frameworks.

Compliance Requirements

For organizations wishing to join the 'Trusted Access Program,' compliance will likely involve a rigorous vetting process. This may include:

• Demonstrating a clear focus on cybersecurity defense.
• Agreeing to strict usage policies and monitoring.
• Having mature security practices to prevent misuse or leakage of the AI models.

Impact Assessment

OpenAI's proactive stance is a direct response to the accelerating capabilities of its models. The company cited the performance of its models in capture-the-flag (CTF) hacking competitions: GPT-5 achieved a 27% success rate in August 2025, while a newer model, GPT-5.1-Code-Max, jumped to a 76% success rate by November 2025. This rapid improvement underscores the potential for AI to automate tasks previously requiring significant human expertise.

The announcement also comes in the wake of a report that a state-sponsored cyber espionage campaign used Anthropic's Claude Code AI service to automate parts of its attack. OpenAI's strategy is designed to get ahead of this threat, ensuring that as models become powerful enough to be dangerous, robust guardrails are already in place. The business impact is a trade-off: slowing the public release of the most powerful features in favor of security and safety, while simultaneously creating a new, high-value product for the specialized cyber defense market.