What the New AI Innovation and Security Executive Order Actually Does

Written By Zack Huhn

On June 2, 2026, the President signed an executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security.” The order sets a federal policy of working with the private sector to harden government and industry systems against cyber threats, protect American intellectual property, and build out the country’s AI-enabled defensive capabilities. Here is a plain-language walkthrough of what it requires and the deadlines attached to each piece.

The core policy

The order frames continued U.S. AI leadership as a function of light-touch regulation paired with faster, more secure deployment. It states that the policy of the United States is to modernize and harden both government and private sector information systems, to protect American innovation and intellectual property from theft by adversaries, and to cultivate advanced AI-enabled capabilities. The stated approach throughout is collaboration with industry rather than mandates on it.

Hardening federal and critical systems (Section 2)

Most of the order is a set of time-bound directives to federal agencies. Within 30 days, several bodies must prioritize cyber defense of the systems they oversee:

  • The Committee on National Security Systems prioritizes defense of National Security Systems.

  • The Secretary of War prioritizes defense of Department of War information systems.

  • The Secretary of Homeland Security, through CISA, issues Binding Operational Directives to speed defense of civilian federal systems, expand AI-enabled defensive tools, and widen access to cybersecurity services.

That last point matters for smaller players. The order specifically calls out facilitating access to cybersecurity tools and services, including covered frontier models where appropriate, for state and local authorities and for operators of critical infrastructure such as rural hospitals, community banks, and local utilities.

The section also creates an AI cybersecurity clearinghouse, led by the Treasury in voluntary collaboration with industry, to coordinate scanning for software vulnerabilities, validate them, and prioritize the distribution of patches. It directs the Office of Management and Budget to check within 30 days whether existing federal grant funding can be steered toward AI vulnerability detection, and gives the Office of Personnel Management 60 days to expand technology cybersecurity hiring pathways.

Secure frontier model deployment (Section 3)

Within 60 days, a group led by Treasury, the NSA, and CISA must build a classified benchmarking process to assess the cyber capabilities of AI models and set the threshold at which a model becomes a “covered frontier model.” The NSA Director makes that designation.

Alongside the benchmark, the order calls for a voluntary framework that lets developers ask the government whether a model qualifies, optionally provide the government access to a covered model for up to 30 days before wider release under confidentiality and IP protections, and collaborate on selecting trusted partners for early access.

One line is worth flagging for anyone worried about red tape: the order explicitly states that nothing in this section authorizes a mandatory government licensing, preclearance, or permitting requirement for developing or releasing new AI models, including frontier models. Participation is framed as voluntary throughout.

Enforcement against malicious use (Section 4)

The order directs the Attorney General to prioritize enforcement of existing federal criminal statutes, including laws on identity fraud, computer fraud, and wire fraud, against anyone who uses AI to illegally access or damage computer systems or to further other crimes. This includes using AI agents to unlawfully access data later used for an unlawful purpose. No new criminal authority is created here; the order sharpens enforcement of laws already on the books.

Why it matters

For the AI ecosystem, three things stand out. First, the order leans hard on voluntary, industry-collaborative mechanisms rather than mandates, and says so in plain terms. Second, it tries to push advanced defensive tools, including frontier models, down to under-resourced critical infrastructure operators that are frequent targets and rarely have the budget to defend themselves. Third, the timelines are short. Many of the building blocks are due within 30 to 60 days, so the practical shape of the clearinghouse, the benchmarking process, and the voluntary framework should become clearer over the summer.

Organizations working in AI readiness, cybersecurity, and critical infrastructure should watch for the forthcoming CISA directives and the covered frontier model framework, since those documents will determine how much of this affects day-to-day operations.

Source

Executive order, “Promoting Advanced Artificial Intelligence Innovation and Security,” The White House, June 2, 2026. Read the original.

Companion fact sheet, The White House, June 2, 2026. Fact sheet.

Enterprise Technology Association  |  hello@joineta.org  |  joineta.org

Zack Huhn
Next

US AI Congress 2026: What We Heard, What We Launched, and What Comes Next