Policy Actions for Enabling Cyber Defense Through Differential Access

The White House's AI Action Plan encourages critical infrastructure to adopt AI-enabled tools for cyber defense. In our Differential Access report, we provided a strategic framework to help developers give defenders an advantage by shaping access to AI-powered cyber capabilities. In a new policy memo, we outline government actions that can enable Differential Access and promote AI adoption for cyber defense.

SUMMARY 

As frontier AI systems enhance both offensive and defensive cybersecurity capabilities, malicious adoption may outpace defensive use and disrupt existing cybersecurity paradigms. Further, unrestricted access to models with nation-state level cyber capabilities creates significant misuse risks. Differential access is a risk-based strategy to address these challenges by promoting access and adoption among cyber defenders, while limiting access to high-risk capabilities that could threaten national security. Our Asymmetry by Design report provides AI developers with three differential access approaches and a structured implementation process that includes guidance on capability evaluations, defender selection, organizational policy, and technical controls. While our report targets the private sector, the government can enable differential access through evaluating AIxCyber capability systems, funding defensive R&D and testing, providing technical implementation guidance, incentivizing developers to support strategic defenders, and promoting widespread adoption.

PROBLEM

Malicious actors face less regulatory or operational constraints, allowing them to potentially adopt AI systems faster than defenders. The potential emergence of nation-state level AIxCyber capabilities amplifies these risks, particularly as critical sectors like utilities, hospitals, and government agencies may lag behind due to limited resources and expertise for implementing advanced AIxCyber systems. More concerning, emergent risks such as automated AI attack agents, rapid vulnerability discovery and exploitation, or highly adaptable malware could fundamentally disrupt the current cybersecurity equilibrium and swing the advantage toward attackers.

SOLUTION 

Differential access tilts the cybersecurity balance toward defense by allowing AI developers to shape access to advanced AIxCyber capabilities. This strategy provides cyber defenders an asymmetric advantage through three risk-based approaches:

• Promote Access: Widespread adoption of lower-risk capabilities through open access and active promotion, focusing on innovation among strategically important defenders.

• Manage Access: Controlled distribution of medium-risk capabilities with targeted promotion to prioritized defenders, balancing opportunities and risks.

• Deny by Default: Restricted access to highest-risk nation-state level capabilities limited to select defenders, prioritizing risk mitigation while providing strategic defensive benefits.

All approaches prioritize defender access—even under the most restrictive scenarios. Our report outlines a multi-step implementation process for AI developers:

1. Assess cyber capabilities: Evaluate the model's current or potential AIxCyber capabilities for their defensive potential and risk of misuse. This includes forecasting future capabilities, understanding use cases, and assessing how downstream developers may build upon the model's capabilities through fine-tuning, scaffolding, and other techniques.

2. Set differential access goals: Define specific goals and objectives for the differential access approach. For example, a goal may be to provide vulnerability researchers with early access to advanced AIxCyber applications that can identify security vulnerabilities.

3. Assess defender levels and select defenders: Evaluate potential defenders based on their defender level—defined by both their ability to securely leverage AIxCyber capabilities and their criticality to the cybersecurity ecosystem or broader society.

4. Finalize a differential access approach: Determine whether to use Promote Access, Manage Access, or Deny by Default based on the model capabilities levels, defender assessments, and differential access goals.

5. Strategic and technical implementation: Consider organizational strategies, policies, and technical controls required to implement the selected differential access approach. This could include providing early model access to cybersecurity companies or security researchers, investing more in AIxCyber R&D, or controls to limit misuse.

RECOMMENDATIONS FOR GOVERNMENT

Government can enable differential access and accelerate AI adoption for cyber defense through targeted policy actions: 

• Evaluate AIxCyber Capability Systems: Evaluate frontier systems for AIxCyber capabilities and support developer and third-party evaluations by providing standardized datasets, testing methodologies, and frameworks for measuring offensive and defensive capabilities. These standards provide essential groundwork for informed differential access decisions across the industry.

• Fund Defensive AIxCyber R&D and Testing: Expand programs like DARPA's AI Cyber Challenge to accelerate AIxCyber defensive tool development. Provide AIxCyber researchers with priority access to public research infrastructure, including testbeds and cyber ranges for testing defensive AI cyber applications. Establish programs similar to CISA's Artificial Intelligence Enabled Vulnerability Detection Pilot.

• Provide Technical Implementation Guidance: Develop technical guidance and frameworks to help AI developers implement appropriate access controls that limit misuse while supporting defensive adoption.

• Incentivize Developers to Support Strategic Defenders: Create targeted incentives for AI developers to prioritize access and support for strategic defenders. This could include critical infrastructure operators, IT supply chain and internet infrastructure providers such as cloud service providers or software developers, and cybersecurity players like managed security service providers, security researchers, and threat intelligence firms.

• Promote Widespread Adoption: Establish support programs including grants, training, and technical assistance to help state and local governments, critical infrastructure, and key sectors adopt AIxCyber capabilities. Develop publicly available tools (e.g., NSA’s Ghidra platform) and provide direct AIxCyber defensive services similar to CISA’s CyberSentry and CyberHygiene programs.

This memo was co-authored by Christopher Covino, Senior Researcher, and Shaun Ee, Policy and Strategy Manager, both at IAPS.