\n<\/p>\n
OpenAI on Tuesday<\/span> announced the next phase of its cybersecurity strategy and a new model specifically designed for use by digital defenders, GPT-5.4-Cyber.<\/p>\n The news comes in the wake of an announcement last week by competitor Anthropic that its new Claude Mythos Preview model is only being privately released for now\u2014because, the company says, it could be exploited by hackers and bad actors. Anthropic also announced an industry coalition, including competitors like Google, focused on how advances in generative AI across the field will impact cybersecurity.<\/p>\n OpenAI seemed to be seeking to differentiate its message on Tuesday by striking a less catastrophic tone and touting its existing guardrails and defenses while hinting at the need for more advanced protections in the long term.<\/p>\n \u201cWe believe the class of safeguards in use today sufficiently reduce cyber risk enough to support broad deployment of current models,\u201d the company wrote in a blog post. \u201cWe expect versions of these safeguards to be sufficient for upcoming more powerful models, while models explicitly trained and made more permissive for cybersecurity work require more restrictive deployments and appropriate controls. Over the long term, to ensure the ongoing sufficiency of AI safety in cybersecurity, we also expect the need for more expansive defenses for future models, whose capabilities will rapidly exceed even the best purpose-built models of today.\u201d<\/p>\n The company says that it has homed in on three pillars for its cybersecurity approach. The first involves so-called \u201cknow your customer\u201d validation systems to allow controlled access to new models that is as broad and \u201cdemocratized\u201d as possible. \u201cWe design mechanisms which avoid arbitrarily deciding who gets access for legitimate use and who doesn\u2019t,\u201d the company wrote on Tuesday. OpenAI is combining a model where it partners with certain organizations on limited releases with an automated system introduced in February, known as Trusted Access for Cyber or TAC.<\/p>\n The second component of the strategy involves \u201citerative deployment,\u201d or a process of \u201ccarefully\u201d releasing and then refining new capabilities so the company can get real-world insight and feedback. The blog post particularly highlights \u201cresilience to jailbreaks and other adversarial attacks, and improving defensive capabilities.\u201d Finally, the third focus is on investments that the company says support software security and other digital defense as generative AI proliferates.<\/p>\n OpenAI says that the initiative fits into its broader security efforts, including an application security AI agent launched last month known as Codex Security, a cybersecurity grants program that began in 2023, a recent donation to the Linux Foundation to support open source security, and the \u201cPreparedness Framework\u201d that is meant to assess and defend against \u201csevere harm from frontier AI capabilities.\u201d<\/p>\n Anthropic’s claims last week that more capable AI models necessitate a cybersecurity reckoning have been controversial among security experts. Some say the concern is overstated and could feed a new wave of anti-hacker sentiment\u2014consolidating power even more with tech giants. Others, though, emphasize that vulnerabilities and shortcomings in current security defenses are well known and really could be exploited with new speed and intensity by an even broader range of bad actors in the age of agentic AI.<\/p>\n<\/div>\n