OpenAI has published a new roadmap for “democratizing AI-powered cyber defense,” where it vows to expand its Trusted Access for Cyber (TAC) program to governments “at every level.”
The document, titled Cybersecurity in the Intelligence Age, was published by OpenAI’s Global Affairs team on April 30 − a few days after the company released its large language model (LLM) for cybersecurity defenders, GPT5.4-Cyber.
One of the main commitments the company made is to expand access of the TAC program for cyber defenders at the federal, state and local government levels. This spans national security missions and threat response to public health systems, emergency management, benefits delivery and local critical infrastructure.
While OpenAI did not specify which governments it is planning to include in the TAC program, the introduction of the action plan document clearly mentions the “US and its allies,” suggesting US government agencies could be among the first to be included in the program.
OpenAI Seeks Closer Government Ties Amid Anthropic’s US Government Standoff
Initially revealed in February, the TAC Program was designed to automate identity verification to help reduce the friction of safeguards on cybersecurity-related tasks and partner with a limited set of organizations.
An evolution of the program was announced alongside the release of GTP5.4-Cyber, with the introduction of additional tiers, including tiers reserved exclusively for “users willing to work with OpenAI to authenticate themselves as cybersecurity defenders.”
This comes as Anthropic, one of OpenAI’s largest competitors, is embroiled in a high-stakes conflict with the Trump administration, which designated the company a "supply chain risk" in March after it refused to give the US military unrestricted access to its Claude AI models.
Anthropic also launched Claude Mythos Preview, a new LLM alleged capable of autonomously find and fix cybersecurity vulnerabilities at scale, and Project Glasswing, an initiative designed to discover and fix cybersecurity vulnerabilities in software with the aid of LLMs.
Beyond the TAC program, OpenAI also shared its intention to collaborate with governments to refine cyber threat models, enhance real-time intelligence sharing and prioritize high-impact defensive applications for AI in critical infrastructure.
Read more: Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
OpenAI Expands TAC Program to Key Cyber Defenders
Outside of governments, OpenAI also committed to include more actors in its TAC program, including
- Industry actors whose defensive work can protect thousands or millions of downstream users, with a priority given to some sensitive sectors (e.g. financial services)
- Major cybersecurity platforms
- Cloud hyperscalers
- Infrastructure providers
- Internet-facing technologies
- Critical infrastructure operators, including smaller actors, such as hospitals, school districts, water utilities, municipalities and local infrastructure providers
- Software supply chain cyber defenders
OpenAI stated it will continue to progressively expand the TAC program over time.
Finally, the company also committed to expanding its internal cybersecurity capabilities, including red-teaming AI models for vulnerabilities, improving detection of misuse and refining safety mechanisms to prevent abuse.
Image credits: Thrive Studios ID / Koshiro K / Shutterstock.com
Read now: AI Companies to Play Bigger Role in CVE Program, Says CISA