CISA to Issue 1st AI Security Directive by Friday, Expanding LLM Defenses Under Trump Order
Updated
Updated · Federal News Network · Jun 4
CISA to Issue 1st AI Security Directive by Friday, Expanding LLM Defenses Under Trump Order
3 articles · Updated · Federal News Network · Jun 4
Summary
Friday is the target for CISA to issue at least one binding operational directive ordering civilian agencies to secure large language models, acting director Nick Andersen said.
The move follows President Donald Trump’s AI executive order, signed Tuesday, which gives CISA 30 days to publish directives or guidance that speed cyber defense and vulnerability remediation across civilian federal systems.
CISA is also building a governmentwide AI access platform to give agencies secure defensive tools and a repeatable process for managing attack-surface and vulnerability data.
Within 60 days, the order also requires CISA, NIST and NSA to stand up a voluntary review system for frontier AI models before public release, while Treasury and other agencies form an AI cybersecurity clearinghouse.
The expanded workload lands as DHS says CISA needs hundreds more hires: staffing has fallen to about 2,200 from roughly 3,400, below the 2,800 level Secretary Markwayne Mullin says is needed.
With CISA understaffed, can its ambitious AI cyber defense plan succeed before adversaries overwhelm federal networks?
If the new AI safety framework is voluntary, what will compel tech giants to reveal their models' deepest security flaws?
From Voluntary to Mandatory? The June 2026 U.S. AI Security Order and the Future of Cyber Regulation
Overview
On June 2, 2026, President Trump signed an executive order to address the urgent rise of AI-driven cyber threats, as active attacks and critical vulnerabilities were already impacting key infrastructure. This order marked a shift from preparing for future risks to responding to threats already in motion. It required CISA to quickly issue its first AI security directive, focusing on defending federal networks against new dangers from large language models and advanced AI systems. The move recognized that sophisticated AI technologies bring complex vulnerabilities, demanding immediate and targeted security actions to protect government systems.