The intersection of artificial intelligence and cybersecurity has rapidly ascended to the top of the Washington policy agenda. Following the administration’s June 2, 2026, Executive Order on AI cybersecurity, the Congressional Internet Caucus recently convened a panel of industry experts, policy analysts, and former officials to discuss the shifting threat landscape. Advanced “frontier” AI models like Anthropic’s Mythos have completely transformed the timeline of vulnerability discovery, shortening the window between flaw identification and weaponization to mere seconds by generating actionable exploit code simultaneously with discovery.
To manage the volume of AI-generated threats, panelists focused heavily on the new executive order’s proposal to establish a centralized federal AI cybersecurity clearinghouse. This body is intended to deconflict and coordinate software vulnerability scanning, validation, and patch distribution across government and critical infrastructure sectors. Panelists widely agreed that some form of institutional mechanism is necessary to assist organizations currently overwhelmed by processing dozens of daily vulnerabilities across their software dependencies.
In what was an otherwise productive discussion, Ari Schwartz of Venable LLP urged Congress to reauthorize the sunsetting Cybersecurity Information Sharing Act of 2015 (CISA 2015), framing it as an essential legislative baseline for effective public-private response to the AI-cybersecurity nexus.
A closer look at the empirical record, however, reveals a stark mismatch between Washington’s enthusiasm for CISA and the operational reality of these frameworks.
The Failed Promises of Centralized Information Sharing
CISA was passed in 2015 and expired in 2025. For over a decade, federal agencies and legacy legislation have operated under the assumption that CISA’s liability protections and flagship implementation of an “Automated Indicator Sharing (AIS)” capability were essential elements in national cyber defense. Since 2022, however, the failure of the program has been evident. It did not catalyze higher levels of threat information sharing. It was evaluated in recent Department of Homeland Security Office of Inspector General (OIG) and interagency joint compliance reports. [1, 2, 3] As we wrote in January, the automated sharing ecosystem is plagued by severe decay and structural failure:
- Collapsing Participation: The overall number of federal and non-federal participants actively utilizing AIS has plummeted by a staggering 65 percent since its peak in 2020. By 2024, AIS was left with a mere 18 federal participants and 87 non-federal participants.
- Systemic Overreliance: While the total volume of shared cyber threat indicators (CTIs) superficially increased in 2024, a single private-sector platform’s contributions accounted for 89 percent of the public collection and 83 percent of the entire federal collection. This shows that the law’s intent – to encourage and expand threat sharing – isn’t working.
- Technical and Structural Inertia: Federal entities remain notoriously reluctant to share operational incident data via machine-to-machine connections due to institutional bottlenecks, a lack of organizational resources, and policy constraints. Furthermore, downstream operators frequently choose to ignore or avoid uncategorized federal threat feeds because the shared indicators lack the specific operational context required to deploy fixes safely.
Furthermore, arguments that private firms need state-sanctioned safe harbors to circumvent antitrust liabilities when sharing technical data are largely hollow. As detailed by the Department of Justice (DOJ) and the Federal Trade Commission (FTC) in their joint antitrust policy statement, properly designed cyber threat exchanges are highly technical and distinct from competitively sensitive business data like pricing or output. The agencies have explicitly maintained for over two decades that legitimate cybersecurity information sharing does not violate antitrust laws. The legal roadblocks are a myth; the actual barrier is that government-managed clearinghouses simply fail to deliver timely, actionable value.
The Clearinghouse Trap: Centralizing Power, Stifling Innovation
In light of the chronic underperformance of existing automated frameworks like AIS, the 2026 Executive Order’s proposed AI cybersecurity clearinghouse is distinctly misplaced. Rather than modernizing defense, the mandate serves as a vehicle to expand state control over cutting-edge artificial intelligence.
The Executive Order additionally outlines a “Secure Frontier Model Deployment” framework that establishes a classified benchmarking process to designate advanced models as “covered frontier models”. Under the guise of being voluntary, firms are strongly incentivized to turn over their models to the federal government for up to 30 days before public release. The government then assumes the role of an arbiter, collaborating with firms to selectively hand-pick which “trusted partners” are granted early access to promote critical infrastructure security.
Taken together, this represents an unnecessary, centralized gatekeeping regime. Inserting a federal clearance step into the software pipeline slows down the deployment of capability equally valuable to defenders, introduces immense political and national security groupthink and opportunity for regulatory capture, and expands state visibility into proprietary algorithms and weights under the banner of deconflicting code scanning.
A Better Path: Decentralized Disclosure, Market Incentives, Transparent Process
The policy fixation on state-managed clearinghouses and review overlooks a far more robust, agile, and proven alternative for producing cybersecurity: the decentralized model of responsible disclosure governed by widely accepted norms, recommendations, standards, and guidance, which lowers coordination costs and is led by the AI ecosystem itself.
The success of Anthropic’s “Project Glasswing” initiative offers an illustrative roadmap. Under Project Glasswing, advanced frontier models like Mythos were provided directly to diverse, private-sector security partners and system defenders. Rather than routing vulnerability details through a slow-moving government clearinghouse, this advanced access allowed operators to rapidly stress-test their own code, identify thousands of live flaws across complex dependencies, and patch systems in real-time before adversaries could weaponize them. While the Glasswing initiative shows it can be done, we’ve noted its club governance structure needs to evolve. Comcast’s Elizabeth Chernow similarly pointed this out in the panel, noting a recent paper promoting criteria for Responsible Advanced Access.
Decentralized, voluntary defense continues to succeed because it leverages the natural economic incentives of network operators. Critical infrastructure operators, enterprise businesses, and software maintainers possess an existential, bottom-line interest in protecting their own networks and customer data. When AI providers distribute advanced testing models that fundamentally reduce vulnerability identification costs directly to these stakeholders, they help unlock a massive, parallelized army of defenders using multiple models who are contextually aware and uniquely equipped to find flaws and develop and validate patches without breaking downstream dependencies.
As Google’s Kate Charlet observed during the panel, true long-term security will be achieved by embedding AI capabilities directly into standard software development workflows and cloud architectures, ensuring that insecure code is caught before it is ever compiled. This structural shift requires broad, open access to advanced tooling—not a restricted government gatekeeping system that funnels code to a federal clearinghouse and approval.
Unfortunately, the administration doubled down last week, leveling export controls on Anthropic’s Mythos and Fable (Mythos with guard rails) large language models. Anthropic complied and stated they “believe the government should have the ability to block unsafe deployments, as part of a statutory process that is transparent, fair, clear, and grounded in technical facts.” Multiple cybersecurity experts questioned the rationale for the ban, argued “pulling the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous”, and called for an “open, scientific and transparent process of handling AI risk assessments in the future.”
We agree. Rather than reviving failed information-sharing approaches via CISA reauthorization, bottlenecking frontier model access through federal directives, and hobbling the fast-evolving production of cybersecurity, Washington should support defenders and innovation.
The post Defending Cyberspace: Cybersecurity and Frontier AI appeared first on Internet Governance Project.