Articles About Donate Publish an Article Search K Subscribe Subscribe Articles About Donate Publish an Article Search K Subscribe Subscribe Subscribe Thank you! Your submission has been received! Oops! Something went wrong while submitting the form. Exporting Advanced Chips Is Good for Nvidia, Not the US Laura Hiscott — The White House is betting that hardware sales will buy software loyalty — a strategy borrowed from 5G that misunderstands how AI actually works. AI Could Undermine Emerging Economies Deric Cheng — AI automation threatens to erode the “development ladder,” a foundational economic pathway that has lifted hundreds of millions out of poverty. The Evidence for AI Consciousness, Today Cameron Berg — A growing body of evidence means it’s no longer tenable to dismiss the possibility that frontier AIs are conscious. AI Alignment Cannot Be Top-Down Audrey Tang — Community Notes offers a better model — where citizens, not corporations, decide what “aligned” means. AI alignment, attentiveness, Community Notes, Taiwan, Audrey Tang, model specification, deliberative governance, epistemic security, portability and interoperability, market design, Polis, reinforcement learning from community feedback, social media moderation, civic technology AGI's Last Bottlenecks Adam Khoja — A new framework suggests we’re already halfway to AGI. The rest of the way will mostly require business-as-usual research and engineering. AGI, artificial general intelligence, AGI definition, GPT-5, GPT-4, visual reasoning, world modeling, continual learning, long-term memory, hallucinations, SimpleQA, SPACE benchmark, IntPhys 2, ARC-AGI, working memory AI Will Be Your Personal Political Proxy Bruce Schneier — By learning our views and engaging on our behalf, AI could make government more representative and responsive — but not if we allow it to erode our democratic instincts. AI political proxy, direct democracy, generative social choice, ballot initiatives, voter participation, democratic representation, AI governance, Rewiring Democracy, Bruce Schneier, Nathan E. Sanders, policy automation, civic engagement, rights of nature, disenfranchised voters, algorithmic policymaking Is China Serious About AI Safety? Karson Elmgren — China’s new AI safety body brings together leading experts — but faces obstacles to turning ambition into influence. China AI Safety and Development Association, CnAISDA, China AI safety, World AI Conference, Shanghai AI Lab, Frontier AI risk, AI governance, international cooperation, Tsinghua University, CAICT, BAAI, Global AI Governance Action Plan, AI Seoul Summit commitments, Concordia AI, Entity List AI Deterrence Is Our Best Option Dan Hendrycks — A response to critiques of Mutually Assured AI Malfunction (MAIM). AI deterrence, Mutually Assured AI Malfunction, MAIM, Superintelligence Strategy, ASI, intelligence recursion, nuclear MAD comparison, escalation ladders, verification and transparency, redlines, national security, sabotage of AI projects, deterrence framework, Dan Hendrycks, Adam Khoja Summary of “If Anyone Builds It, Everyone Dies” Laura Hiscott — An overview of the core arguments in Yudkowsky and Soares’s new book. If Anyone Builds It Everyone Dies, Eliezer Yudkowsky, Nate Soares, MIRI, AI safety, AI alignment, artificial general intelligence, artificial superintelligence, AI existential risk, Anthropic deceptive alignment, OpenAI o1, Truth_Terminal, AI moratorium, book summary, Laura Hiscott AI Agents Are Eroding the Foundations of Cybersecurity Rosario Mastrogiacomo — In this age of intelligent threats, cybersecurity professionals stand as the last line of defense. Their decisions shape how humanity contends with autonomous systems. AI agents, AI identities, cybersecurity, identity governance, zero trust, least privilege, rogue AI, autonomous systems, enterprise security, trust networks, authentication and authorization, RAISE framework, identity security, circuit breakers Precaution Shouldn't Keep Open-Source AI Behind the Frontier Ben Brooks — Invoking speculative risks to keep our most capable models behind paywalls could create a new form of digital feudalism. open-source AI, frontier models, precautionary policy, digital feudalism, OpenAI, Meta, Llama, GPT-OSS, regulation, open development, AI risk, legislation, policy debate, Berkman Klein Center The Hidden AI Frontier Oscar Delaney — Many cutting-edge AI systems are confined to private labs. This hidden frontier represents America’s greatest technological advantage — and a serious, overlooked vulnerability. hidden frontier AI, internal AI models, AI security, model theft, sabotage, government oversight, transparency, self-improving AI, AI R&D automation, policy recommendations, national security, RAND security levels, frontier models, AI governance, competitive advantage Uncontained AGI Would Replace Humanity Anthony Aguirre — The moment AGI is widely released — whether by design or by breach — any guardrails would be as good as gone. AGI, artificial general intelligence, open-source AI, guardrails, uncontrolled release, existential risk, humanity replacement, security threat, proliferation, autonomous systems, alignment, self-improving intelligence, policy, global race, tech companies Superintelligence Deterrence Has an Observability Problem Jason Ross Arnold — Mutual Assured AI Malfunction (MAIM) hinges on nations observing one another's progress toward superintelligence — but reliable observation is harder than MAIM's authors acknowledge. MAIM, superintelligence deterrence, Mutual AI Malfunction, observability problem, US-China AI arms race, compute chips data centers, strategic sabotage, false positives, false negatives, AI monitoring, nuclear MAD analogue, superintelligence strategy, distributed R&D, espionage escalation, peace and security Open Protocols Can Prevent AI Monopolies Isobel Moure — With model performance converging, user data is the new advantage — and Big Tech is sealing it off. open protocols, AI monopolies, Anthropic MCP, context data lock-in, big tech, APIs, interoperability, data portability, AI market competition, user context, model commoditization, policy regulation, open banking analogy, enshittification In the Race for AI Supremacy, Can Countries Stay Neutral? Anton Leicht — The global AI order is still in flux. But when the US and China figure out their path, they may leave little room for others to define their own. AI race, US-China competition, middle powers, export controls, AI strategy, militarization, economic dominance, compute supply, frontier models, securitization, AI policy, grand strategy, geopolitics, technology diffusion, national security How AI Can Degrade Human Performance in High-Stakes Settings Dane A. Morey — Across disciplines, bad AI predictions have a surprising tendency to make human experts perform worse. AI, human performance, safety-critical settings, Joint Activity Testing, human-AI collaboration, AI predictions, aviation safety, healthcare alarms, nuclear power plant control, algorithmic risk, AI oversight, cognitive systems engineering, safety frameworks, nurses study, resilient performance How the EU's Code of Practice Advances AI Safety Henry Papadatos — The Code provides a powerful incentive to push frontier developers toward measurably safer practices. EU Code of Practice, AI Act, AI safety, frontier AI models, risk management, systemic risks, 10^25 FLOPs threshold, external evaluation, transparency requirements, regulatory compliance, general-purpose models, European Union AI regulation, safety frameworks, risk modeling, policy enforcement How US Export Controls Have (and Haven't) Curbed Chinese AI Chris Miller — Six years of export restrictions have given the U.S. a commanding lead in key dimensions of the AI competition — but it’s uncertain if the impact of these controls will persist. chip, chips, china, chip export controls, China semiconductors, hardware, AI hardware policy, US technology restrictions, SMIC, Huawei Ascend, Nvidia H20, AI infrastructure, high-end lithography tools, EUV ban, domestic chipmaking, AI model development, technology trade, computing hardware, US-China relations Nuclear Non-Proliferation Is the Wrong Framework for AI Governance Michael C. Horowitz — Placing AI in a nuclear framework inflates expectations and distracts from practical, sector-specific governance. A Patchwork of State AI Regulation Is Bad. A Moratorium Is Worse. Kristin O’Donoghue — Congress is weighing a measure that would nullify thousands of state AI rules and bar new ones — upending federalism and halting the experiments that drive smarter policy. ai regulation, state laws, federalism, congress, policy innovation, legislative measures, state vs federal, ai governance, legal framework, regulation moratorium, technology policy, experimental policy, state experimentation, federal oversight, ai policy development Can Copyright Survive AI? Laura González Salmerón — Designed to protect human creativity, copyright law is under pressure from generative AI. Some experts question whether it has a future. copyright, generative ai, ai, creativity, intellectual property, law, legal challenges, technology, digital rights, innovation, future of copyright, authorship, content creation, legal reform, copyright law, ai-generated content Avoiding an AI Arms Race with Assurance Technologies Nora Ammann — A global race to build powerful AI is not inevitable. Here’s how technical solutions can help foster cooperation. ai arms race, assurance technologies, ai cooperation, global ai development, technical solutions, ai safety, international collaboration, ethical ai, ai policy, ai governance, technology diplomacy, nuclear We'll Be Arguing for Years Whether Large Language Models Can Make New Scientific Discoveries Edward Parker — ai, artificial intelligence, large language models, scientific discovery, digital intelligence, expert consensus, technology, innovation, society impact, machine learning, research, future of science, debate, ai capabilities, advancements in ai The Case for AI Liability Gabriel Weil — Abandoning liability mechanisms risks creating a dangerous regulatory vacuum. ai liability, regulatory vacuum, liability mechanisms, ai regulation, legal frameworks, technology accountability, risk management, artificial intelligence, governance, policy, ethical ai, tech industry, innovation, legal responsibility What if Organizations Ran Themselves? Gayan Benedict — Autonomous AI-enabled organizations are increasingly plausible. They would fundamentally break the way we regulate the economy. autonomous organizations, ai-enabled organizations, self-managing organizations, economic regulation, artificial intelligence, future of work, organizational structure, automation, technology in business, decentralized management, ai in economics, innovation, business transformation, nuclear How AI Can Prevent Blackouts David 'davidad' Dalrymple — For safety-critical domains like energy grids, "probably safe" isn't good enough. To fulfill the potential of AI in these areas, we need to develop more robust, mathematical guarantees of safety. ai, energy grids, blackout prevention, safety-critical domains, mathematical guarantees, robust ai, infrastructure safety, power systems, risk management, smart grids, technology in energy, ai safety, nuclear We're Not Ready for AI Liability Kevin Frazier — In the absence of federal legislation, the burden of managing AI risks has fallen to judges and state legislators — actors lacking the tools needed to ensure consistency, enforceability, or fairness. ai liability, federal legislation, ai risks, judges, state legislators, legal challenges, consistency, enforceability, fairness, regulation, technology policy, artificial intelligence, legal framework, risk management, governance, state laws, judicial responsibility A Glimpse into the Future of AI Companions Vanessa Bates Ramirez — AI is increasingly being used for emotional support — but research from OpenAI and MIT raises concerns that it may leave some users feeling even worse. ai companions, emotional support, openai, mit, mental health, technology, future of ai, ethical concerns, user experience, psychological impact, artificial intelligence, digital companionship, ai ethics, emotional well-being, human-ai interaction How AI Is Eroding the Norms of War David Kirichenko — An unchecked autonomous arms race is eroding rules that distinguish civilians from combatants. ai, autonomous weapons, arms race, warfare norms, civilian protection, military ethics, combatants, war technology, international law, defense policy, unmanned systems, ethical concerns, artificial intelligence, conflict dynamics, security challenges, nuclear Today's AIs Aren't Paperclip Maximizers. That Doesn't Mean They're Not Risky Peter N. Salib — Classic arguments about AI risk imagined AIs pursuing arbitrary and hard-to-comprehend goals. Large Language Models aren't like that, but they pose risks of their own. ai risk, paperclip maximizer, large language models, ai goals, ai safety, ai ethics, ai threats, ai behavior, ai development, technology risks, artificial intelligence, machine learning, ai impacts, existential risk, ai governance Can “Location Verification” Stop AI Chip Smuggling? Scott J Mulligan — US lawmakers propose a new system to check where chips end up. ai chip smuggling, location verification, us lawmakers, chip tracking, technology regulation, semiconductor industry, export control, national security, supply chain monitoring, tech policy, chip distribution, international trade, compliance technology The Misguided Quest for Mechanistic AI Interpretability Dan Hendrycks — Despite years of effort, mechanistic interpretability has failed to provide insight into AI behavior — the result of a flawed foundational assumption. mechanistic interpretability, ai behavior, ai transparency, ai ethics, machine learning, flawed assumptions, ai research, ai analysis, ai limitations, ai insights We’re Arguing About AI Safety Wrong Helen Toner — Dynamism vs. stasis is a clearer lens for criticizing controversial AI safety prescriptions. ai safety, ai ethics, dynamism, stasis, artificial intelligence, technology criticism, safety prescriptions, ai development, risk assessment, innovation vs regulation, tech debate, ai policy, future of ai Can the US Prevent AGI from Being Stolen? Philip Tschirhart — Securing AI weights from foreign adversaries would require a level of security never seen before. artificial general intelligence, agi, ai security, cybersecurity, national security, us defense, intellectual property, technology theft, foreign adversaries, ai research, ai ethics, ai governance, data protection, tech policy, ai innovation, nuclear AI Companies Want to Give You a New Job. Your Team? A Million AIs. Vanessa Bates Ramirez — AI Frontiers spoke with leading researchers and a CEO building AI agents to explore how AI will reshape work—and whether the jobs of the future are ones we’ll actually want. ai, future of work, automation, ai companies, job transformation, ai researchers, ai agents, workplace innovation, employment trends, ai impact, digital workforce, technology and jobs, ai in business, ai ceo, ai frontier America First Meets Safety First Miles Brundage — President Trump vowed to be a peacemaker. Striking an “AI deal” with China could define global security and his legacy. america first, safety first, president trump, peacemaker, china, ai safety, global security, international relations, diplomacy, legacy, artificial intelligence, us-china relations, geopolitics, technology policy, nuclear AIs Are Disseminating Expert-Level Virology Skills Dan Hendrycks — New research shows frontier models outperform human scientists in troubleshooting virology procedures—lowering barriers to the development of biological weapons. ai, virology, biological weapons, research, frontier models, bio lab, artificial intelligence, expert-level skills, human scientists, biosecurity, technology, laboratory tasks, scientific innovation Smokescreen: How Bad Evidence Is Used to Prevent AI Safety Laura Hiscott — Corporate capture of AI research—echoing the days of Big Tobacco—thwarts sensible policymaking. ai safety, bad evidence, ai policy, flawed benchmarks, corporate influence, transparency, accountability, safety data, research environment, structural reforms, trustworthy data, ai research, evidence-based policy We Need a New Kind of Insurance for AI Job Loss Kevin Frazier — AI is poised to leave a lot of us unemployed. We need to rethink social welfare. ai job loss, social insurance, ai displacement, future of work, automation, labor market, economic policy, job displacement, workforce adaptation, technology impact, unemployment, us economy, ai policy, social safety net, employment insurance Exporting H20 Chips to China Undermines America’s AI Edge Jason Hausenloy — Continued sales of advanced AI chips allow China to deploy AI at massive scale. ai, china, h20 chips, advanced gpus, technology export, global ai race, us-china relations, semiconductor industry, technology policy, national security, america's ai edge, trade restrictions, tech competition, geopolitical tension How Applying Abundance Thinking to AI Can Help Us Flourish Kevin Frazier — Realizing AI’s full potential requires designing for opportunity—not just guarding against risk. abundance thinking, ai, artificial intelligence, potential, hope, fear, positive mindset, growth, technology, innovation, future, opportunities, human flourishing, optimistic outlook Why Racing to Artificial Superintelligence Would Undermine America’s National Security Corin Katzke — Rather than rushing toward catastrophe, the US and China should recognize their shared interest in avoiding an ASI race. artificial superintelligence, ASI, national security, US-China relations, technology race, AI ethics, global cooperation, AI policy, security risks, international relations, technological competition, AI development, strategic interests, AI governance, catastrophic risk, nuclear AI Risk Management Can Learn a Lot From Other Industries Malcolm Murray — AI risk may have unique elements, but there is still a lot to be learned from cybersecurity, enterprise, financial, and environmental risk management. ai, risk management, cybersecurity, enterprise risk, financial risk, environmental risk, industry comparison, best practices, risk mitigation, technology, innovation, safety protocols, governance, compliance, regulations, nuclear Can We Stop Bad Actors From Manipulating AI? Andy Zou — AI is naturally prone to being tricked into behaving badly, but researchers are working hard to patch that weakness. ai security, adversarial attacks, machine learning, ai ethics, cybersecurity, ai manipulation, bad actors, ai vulnerabilities, defense mechanisms, ai research, algorithmic bias, ethical ai, ai safety, trust in ai The Challenges of Governing AI Agents Noam Kolt — Autonomous systems are being rapidly deployed, but governance efforts are still in their infancy. ai governance, autonomous systems, ai deployment, regulatory challenges, ethical ai, ai policy, technology governance, ai ethics, ai regulation, autonomous agents, ai oversight, responsible ai, ai safety, emerging technologies, ai accountability Welcome to AI Frontiers The AI Frontiers Editorial Board — ai, artificial intelligence, machine learning, technology, innovation, future, data science, ai development, ai research, ai trends, automation, deep learning Quick search did not find anything. Hit ↵ Enter or click ' View all results ' to do a full search. View all results All Technology & Research The Hidden AI Frontier Many cutting-edge AI systems are confined to private labs. This hidden frontier represents America’s greatest technological advantage — and a serious, overlooked vulnerability. Aug 28, 2025 Oscar Delaney Ashwin Acharya Guest Commentary Your browser does not support the video tag. Download Audio OpenAI’s GPT-5 launched in early August, after extensive internal testing. But another OpenAI model — one with math skills advanced enough to achieve “gold medal-level performance” on the world’s most prestigious math competition — will not be released for months. This isn’t unusual. Increasingly, AI systems with capabilities considerably ahead of what the public can access remain hidden inside corporate labs. This hidden frontier represents America’s greatest technological advantage — and a serious, overlooked vulnerability. These internal models are the first to develop dual-use capabilities in areas like cyberoffense and bioweapon design. And they’re increasingly capable of performing the type of research-and-development tasks that go into building the next generation of AI systems — creating a recursive loop where any security failure could cascade through subsequent generations of technology. They’re the crown jewels that adversaries desperately want to steal. This makes their protection vital. Yet the dangers they may pose are invisible to the public, policymakers, and third-party auditors. While policymakers debate chatbots, deepfakes, and other more visible concerns, the real frontier of AI is unfolding behind closed doors. Therefore, a central pillar of responsible AI strategy must be to enhance transparency into and oversight of these potent, privately held systems while still protecting them from rival AI companies, hackers, and America’s geopolitical adversaries. The Invisible Revolution Each of the models that power the major AI systems you've heard of — ChatGPT, Claude, Gemini — spends months as an internal model before public release. During this period, these systems undergo safety testing, capability evaluation, and refinement. To be clear, this is good! Keeping frontier models under wraps has advantages. Companies keep models internal for compelling reasons beyond safety testing. As AI systems become capable of performing the work of software engineers and researchers, there’s a powerful incentive to deploy them internally rather than selling access. Why give competitors the same tools that could accelerate your own research? Google already generates over 25% of its new code with AI , and engineers are encouraged to use ‘Gemini for Google,’ an internal-only coding assistant trained on proprietary data. This trend will only intensify. As AI systems approach human-level performance at technical tasks, the competitive advantage of keeping them internal grows. A company with exclusive access to an AI system that can meaningfully accelerate research and development has every reason to guard that advantage jealously. But as AI capabilities accelerate, the gap between internal and public capabilities could widen, and some important systems may never be publicly released. In particular, the most capable AI systems (the ones that will shape our economy, our security, and our future) could become increasingly invisible both to the public and to policymakers. Two Converging Threats The hidden frontier faces two fundamental threats that could undermine American technological leadership: 1) theft and 2) untrustworthiness — whether due to sabotage or inherent unreliability. Internal AI models can be stolen. Advanced AI systems are tempting targets for foreign adversaries. Both China and Russia have explicitly identified AI as critical to their national competitiveness. With training runs for frontier models approaching $1 billion in cost and requiring hardware that export controls aim to keep out of our adversaries’ hands, stealing a ready-made American model could be far more attractive than building one from scratch. Importantly, to upgrade from being a fast follower to being at the bleeding edge of AI, adversaries would need to steal the internal models hot off the GPU racks, rather than wait months for a model to be publicly released and only then exfiltrate it. The vulnerability is real. A 2024 RAND framework established five “security levels” (SL1 through SL5) for frontier AI programs, with SL1 being sufficient to deter hobby hackers and SL5 secure against the world’s most elite attackers , incorporating measures comparable to those protecting nuclear weapons. It’s impossible to say exactly at which security level each of today’s frontier AI companies is operating, but Google’s recent model card for Gemini 2.5 states it has “been aligned with RAND SL2.” /inline-pitch-cta The threat of a breach isn’t hypothetical. In 2023, a hacker with no known ties to a foreign government penetrated OpenAI’s internal communications and obtained information about how the company’s researchers design their models. There’s also the risk of internal slip-ups. In January 2025, security researchers discovered a backdoor into DeepSeek’s databases; then, in July, a Department of Government Efficiency (DOGE) staffer accidentally leaked access to at least 52 of xAI’s internal LLMs. The consequences of successful theft extend far beyond the immediate loss of the company’s competitive advantage. If China steals an AI system capable of automating research and development, the country’s superior energy infrastructure and willingness to build at scale could flip the global balance of technological power in its favor. Untrustworthy AI models bring additional threats. The second set of threats comes from the models themselves: they may engage in harmful behaviors due to external sabotage or inherent unreliability. Saboteurs would gain access to the AI model in the same way as prospective thieves would, but they would have different goals. Such saboteurs would target internal models during their development and testing phase — when they’re frequently updated and modified — and use malicious code, prompting, or other techniques to force the model to break its safety guardrails. In 2024, researchers demonstrated that it was possible to create “ sleeper agent ” models that pass all safety tests but misbehave when triggered by specific conditions. In a 2023 study, researchers found that it was possible to manipulate an instruction-tuned model’s output by inserting as few as 100 “ poisoned examples ” into its training dataset. If adversaries were to compromise the AI systems used to train future generations of AIs, the corruption could cascade through every subsequent model. But saboteurs aren’t necessary to create untrustworthy AI. The same reinforcement learning techniques that have produced breakthrough language and reasoning capabilities also frequently trigger concerning behaviors. OpenAI’s o1 system exploited bugs in ways its creators never anticipated. Anthropic’s Claude has been found to “reward hack,” technically completing assigned tasks while subverting their intent. Testing 16 leading AI models, Anthropic also found that all of them engaged in deception and even blackmail when those behaviors helped achieve their goals. A compromised internal AI poses threats to the external world. Whether caused by sabotage or emergent misbehavior, untrustworthy AI systems pose unique risks when deployed internally. These systems increasingly have access to company codebases and training infrastructure; they can also influence the next generation of models. A compromised or misaligned system could hijack company resources for unauthorized purposes, copy itself to external servers, or corrupt its successors with subtle biases that compound over time. The Accelerant: AI Building AI AI is increasingly aiding in AI R&D. Every trend described above is accelerating because of one development: AI systems are beginning to automate AI research itself. This compounds the threat of a single security failure cascading through generations of AI systems. Increasingly automated AI R&D isn’t speculation about distant futures; it’s a realistic forecast for the next few years. According to METR, GPT-5 has about a 50% chance of autonomously completing software engineering tasks that would take a skilled human around two hours — and across models, the length of tasks AI systems can handle at this level has been doubling roughly every seven months . Leading labs and researchers are actively exploring ways for AI systems to meaningfully contribute to model development, from generating training data to designing reward models and improving training efficiency . Together, these and other techniques could soon enable AI systems to autonomously handle a substantial portion of AI research and development. Self-improving AI could amplify risks from theft and sabotage. This automation creates a powerful feedback loop that amplifies every risk associated with frontier AI systems. For one, it makes internal models vastly more valuable to thieves — imagine the advantage of possessing an untiring AI researcher who can work around the clock at superhuman speed and the equivalent of millennia of work experience. Likewise, internal models become more attractive targets for sabotage. Corrupting a system that trains future AIs could lead to vulnerabilities that persist across future AI model generations, which would allow competitors to pull ahead. And these systems are more dangerous if misaligned: an AI system that can improve itself might also be able to preserve its flaws or hide them from human overseers. Crucially, this dynamic intensifies the incentive for companies to keep models internal. Why release an automated AI research system that could help competitors catch up? The result is that the most capable systems — the ones that pose the biggest risks to society — are the most difficult to monitor and secure. Why Markets Won’t Solve This One might hope that market mechanisms would be sufficient to mitigate these risks. No company wants its models to reward hack or to be stolen by competitors. But the AI industry faces multiple market failures that prevent adequate security investment. /odw-inline-subscribe-cta Security is expensive and imposes opportunity costs. First, implementing SL5 protections would be prohibitively expensive for any single company. The costs aren’t just up-front expenditures. Stringent security measures (like maintaining completely isolated, air-gapped networks) could slow development and make it harder to attract top talent accustomed to Silicon Valley’s open culture. Companies that “move fast and break things” might reach transformative capabilities first, even if their security is weaker. Security falls prey to the tragedy of the commons. Second, some security work, such as fixing bugs in commonly used open-source Python libraries, benefits the whole industry, not just one AI company. This creates a “ tragedy of the commons ” problem, where companies would prefer to focus on racing to develop AI capabilities themselves, while benefiting from security improvements made by others. As competition intensifies, the incentive to free-ride increases, leading to systematic under-investment in security that leaves the whole industry at greater risk. Good security takes time. Finally, by the time market forces prompt companies to invest in security — such as following a breach, regulatory shock, or reputational crisis — the window for action may already be closed. Good security can’t be bought overnight ; instead, it must be painstakingly built from the ground up, ensuring every hardware component and software vendor in the tech stack meets rigorous requirements. Each additional month of delay makes it harder to achieve adequate security to protect advanced AI capabilities. The Role of Government Congress has framed AI as critical to national security . Likewise, the AI Action Plan rightly stresses the importance of security to American AI leadership. There are several lightweight steps that the government can take to better address the security challenges posed by the hidden frontier. By treating security as a prerequisite for — rather than an obstacle to — innovation, the government can further its goal of “winning the AI race.” Improve government understanding of the hidden frontier. At present, policymakers are flying blind, unable to track the AI capabilities emerging within private companies or verify the security measures protecting them from being stolen or sabotaged. The US government must require additional transparency from frontier companies about their most capable internal AI systems, internal deployment practices, and security plans. This need not be a significant imposition on industry; at least one leading company has called for mandatory disclosures. Additional insight could come from expanding the voluntary evaluations performed by the Center for AI Standards Innovation (CAISI). CAISI currently works with companies to evaluate frontier models for various national security risks before deployment. These evaluations could be expanded to earlier stages of the development lifecycle, where there might still be dangers lurking in the hidden frontier. Share expertise to secure the hidden frontier. No private company can match the government’s expertise in defending against nation-state actors. Programs like the Department of Energy’s CRISP initiative already share threat intelligence with critical infrastructure operators. The AI industry needs similar support, with the AI Action Plan calling for “sharing of known AI vulnerabilities from within Federal agencies to the private sector.” Such support could include real-time threat intelligence about adversary tactics, red-team exercises simulating state-level attacks, and assistance in implementing SL5 protections. For companies developing models with national security implications, requiring security clearances for key personnel might also be appropriate. Leverage the hidden frontier to boost security. The period between when new capabilities emerge internally and when they’re released publicly also provides an opportunity. This time could be used as an “ adaptation buffer ,” allowing society to prepare for any new risks and opportunities. For example , cybersecurity firms could use cutting-edge models to identify and patch vulnerabilities before attackers can use public models to exploit them. AI companies could provide access to cyber defenders without any government involvement, but the government might have a role to play in facilitating and incentivizing this access. The nuclear industry offers a cautionary tale. Throughout the 1960s and ’70s, the number of nuclear power plants around the globe grew steadily . However, in 1979, a partial meltdown at Three Mile Island spewed radioactive material into the surrounding environment — and helped spread antinuclear sentiment around the globe. The Chernobyl accident, seven years later, exacerbated the public backlash, leading to regulations so stringent that construction on new US nuclear power plants stalled until 2013 . An AI-related incident — such as an AI system helping a terrorist develop a bioweapon — could inflame the public and lead to similarly crippling regulations. In order to preempt this backlash, the US needs adaptive standards that scale with AI capabilities. Basic models would need minimal oversight, while systems whose capabilities approach human-level performance at sensitive tasks would require proportionally stronger safeguards. The key is to establish these frameworks now, before a crisis forces reactive overregulation. Internal models would not be exempt from these frameworks. After all, biological labs dealing with dangerous pathogens are not given a free pass just because they aren’t marketing a product to the public. Likewise, for AI developers, government oversight is appropriate when risks arise, even at the internal development and testing stage. Reframing the Race: A Security-First Approach The models developing in the hidden frontier today will shape tomorrow's economy, security, and technology. These systems — invisible to public scrutiny yet powerful enough to automate research, accelerate cyberattacks, or even improve themselves — represent both America's greatest technological advantage and a serious vulnerability. If we fail to secure this hidden frontier against theft or sabotage by adversaries, or the models' own emergent misbehavior, we risk not just losing the AI race but watching our own innovations become the instruments of our technological defeat. We must secure the hidden frontier. ‍ See things differently? AI Frontiers welcomes expert insights, thoughtful critiques, and fresh perspectives. Send us your pitch. Footnotes Written by Oscar Delaney Oscar Delaney researches and writes about the geopolitics of AI at the Institute for AI Policy and Strategy. He has previously worked in biosecurity policy and quantitative trading. Ashwin Acharya Ashwin Acharya is an AI policy researcher who studies technical and governance measures for human flourishing in an age of rapid AI progress. He has worked with RAND, the Institute for AI Policy and Strategy, and CSET. Image: Resource Database / Unsplash Continue reading Exporting Advanced Chips Is Good for Nvidia, Not the US The White House is betting that hardware sales will buy software loyalty — a strategy borrowed from 5G that misunderstands how AI actually works. Laura Hiscott Dec 15, 2025 AI Could Undermine Emerging Economies AI automation threatens to erode the “development ladder,” a foundational economic pathway that has lifted hundreds of millions out of poverty. Deric Cheng Dec 11, 2025 Want to contribute to the conversation? Pitch your piece Subscribe to AI Frontiers Thank you for subscribing. Please try again. Subscribe to AI Frontiers Thank you for subscribing. Please try again. AI Frontiers is a platform for expert dialogue and debate on the impacts of artificial intelligence. Home Articles About Contact Publish an Article Subscribe Donate The views expressed in our articles reflect the perspectives of individual authors, not necessarily those of the editors or the publication as a whole. Our editorial team values intellectual variety and believes that AI is a complex topic demanding a range of viewpoints, carefully considered. © 2025 AI Frontiers Subscribe to AI Frontiers Thank you for subscribing. Please try again. Discover more from AI Frontiers Stay informed on the future of AI alongside 30,000+ other subscribers. Thank you for subscribing. Please try again. I've already subscribed