Research and News

In response to the White House’s new Executive Order, “Promoting Advanced Artificial Innovation and Security,” our experts react to key provisions, outlining both implementation challenges ahead and opportunities to build on the administration’s approach.

AI agents can now orchestrate cyberattacks, dramatically altering the nature of cyber threats. To defend against these emerging threats, actors must first be able to detect them. This report outlines the AI challenge to traditional detection capabilities, introduces a framework to guide the response, and puts this into practice with actionable mechanisms.

The White House and Congress have begun acting on AI distillation attacks, but gaps remain. This memo assesses the OSTP NSTM and the proposed Deterring American AI Model Theft Act of 2026 and recommends further steps.

Advances in AI-enabled cyber capabilities risk giving threat actors an advantage. To advantage defenders, differential access shapes access to cyber-capable models. The U.S. government should leverage these initiatives to advance the White House Cyber Strategy and U.S. national security.

H200 exports to China would substantially boost Chinese frontier AI development and deployment capabilities, and therefore likely military applications for the PLA. Because end-user access and end use cannot feasibly be controlled once chips enter China, the BIS rule’s verification requirements are unenforceable. 

In February 2026, Anthropic, OpenAI, and Google published evidence of systematic campaigns by Chinese AI companies to extract capabilities from American frontier models. This memo examines how distillation attacks work, why there is a case for targeted government intervention and what that might look like. Recommendations are offered to support industry efforts to counter distillation attacks: (1) consider BIS Entity List designations for adversary AI companies conducting distillation attacks; (2) assess the merits of PAIP Act sanctions against those engaging in or facilitating distillation attack; (3) explore the development of a NIST-led AI Distillation Defense Framework for the broader ecosystem.

Offensive cyber capabilities in frontier AI models are advancing fast. In a matter of months, models have gone from near-zero to meaningful success rates on expert-level security challenges, and leading AI developers have begun triggering their own internal risk thresholds for cybersecurity. Meanwhile, real-world cases have already emerged in which AI agents autonomously executed significant portions of state-sponsored cyber campaigns. These developments raise an increasingly urgent question: what happens when AI systems can plan, execute, and sustain sophisticated cyber operations entirely on their own

The India AI Impact Summit was the fourth in a series of global AI summits. The stated goal of the Summit was to shift the global AI conversation toward “demonstrable impact”, with a focus on inclusive growth. This included orienting the Summit towards various use cases of AI, such as with panels discussing how to drive adoption in sectors like finance, healthcare, and agriculture.

Beijing-based, Alibaba-backed AI company Moonshot now offers Kimi Claw - an 'always-on' AI agent embedded in its consumer platform that can access users' files, apps, and communications continuously. Where TikTok collects data from a single app, these agents represent a qualitatively deeper level of data exposure. This memo examines the privacy, cybersecurity, and national security risks, and recommends four low-cost steps the federal government can take now.

A new memo by IAPS Associate Researcher Oscar Delaney reviews the emerging “MAIM” (mutual assured AI malfunction) literature and evaluates the strategic dynamics that could shape ASI deterrence.