News

Executive Order on "Promoting Advanced Artificial Intelligence Innovation and Security"

08 June 2026

On June 2, 2026, President Trump signed an Executive Order titled "Promoting Advanced Artificial Intelligence Innovation and Security" (the "Order"). The Order represents the Administration's latest action in its broader effort to promote innovation and maintain U.S. global leadership in artificial intelligence (“AI”) while addressing national security risks posed by advanced AI capabilities. Companies that contract with the U.S. Government should pay close attention to the Order's directives, many of which carry aggressive implementation timelines of 30 to 60 days and should understand the potential implications for their business.

Separately, on June 5, 2026, President Trump issued a National Security Presidential Memorandum (“NSPM”) on Artificial Intelligence in the National Security Enterprise to establish a new framework on the procurement and use of AI for defense and intelligence purposes guided by four pillars: Adoption, Adaptation, Assurance, and Accountability. The NSPM will be addressed in a Hogan Lovells follow-on thought leadership publication.

Policy framework

The Order declares that it is "the policy of the United States to promote AI innovation and security by working collaboratively with the private sector to modernize government and private sector information systems and harden them against external threats; to protect American ingenuity and intellectual property from exploitation and theft by adversaries; and to cultivate America's advanced AI-enabled capabilities." Notably, the Order frames its approach not as rulemaking but as collaborative partnership with industry, emphasizing that the Administration "refuse[s] to stifle this innovation with overly burdensome regulation."

Key provisions

Upgrading American systems for advanced AI (Section 2)

The Order directs several agencies to take immediate action to prioritize cyber defense and deploy AI-enabled cybersecurity tools across the federal government.

Department of War. Within 30 days, the Secretary of War must prioritize the cyber defense of Department of War [(“DoW”)] information systems by taking appropriate and expeditious action consistent with the purpose of this order. This directive signals that DoW contractors should anticipate new or accelerated cybersecurity requirements in connection with the information systems they provide, support, or access.

National Security Systems. The Committee on National Security Systems (“CNSS”) must, within 30 days, prioritize the cyber defense of National Security Systems as defined in 44 U.S.C. § 3552(b)(6)(A). Companies that operate, maintain, or provide services for systems classified as National Security Systems should expect heightened scrutiny and potentially new security directives.

CISA and Civilian Systems. Within 30 days, the Secretary of Homeland Security, in consultation with the Director of the Office of Management and Budget ("OMB"), the Assistant to the President for National Security Affairs, and the National Cyber Director, must release Binding Operational Directives and other guidance to: (1) expedite and prioritize the cyber defense of civilian Federal Government information systems; (2) establish or expand Federal programs and cybersecurity services that enhance AI-enabled defensive tools; and (3) facilitate access to cybersecurity tools and services for agencies, State and local authorities, and operators of critical infrastructure such as rural hospitals, community banks, and local utilities. This includes access to frontier AI models.

AI Cybersecurity Clearinghouse. The Secretary of the Treasury, the National Cyber Director, the Secretary of War, and the Secretary of Homeland Security must create an "AI cybersecurity clearinghouse" in voluntary collaboration with the AI industry and operators of critical infrastructure within 30 days of the Order. This clearinghouse will coordinate and deconflict scanning for software vulnerabilities, discover and validate such vulnerabilities, and coordinate and prioritize remediation and distribution of vulnerability patches.

Federal Grant Funding. Within 30 days, the Director of OMB must determine whether any Federal grant programs have available funding that can be directed toward applicants developing advanced AI vulnerability detection. This could open unexpected funding pathways for AI developers.

Workforce Expansion. Within 60 days, the Director of the Office of Personnel Management must expand the United States Tech Force Information Cybersecurity Specialist hiring and placement pathways.

Secure frontier model deployment (Section 3)

Section 3 is perhaps the most consequential provision for AI developers and their government customers. The Secretary of the Treasury, the Secretary of War, and the Secretary of Homeland Security, must take the following steps within 60 days of the Order.

Develop and maintain a classified benchmarking process to assess the advanced cyber capabilities of AI models and determine the threshold at which an AI model should be designated a 'covered frontier model'” under the Order
Work with AI developers to Design a voluntary framework through which developers would be able to:
- (1) engage the Federal Government to determine whether model(s) under development meet the designation of "covered frontier model";
- (2) provide the Federal Government with access to covered frontier models, subject to appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements, for a period of up to 30 days before they plan to release such models to other trusted partners; and
- (3) collaborate with the Federal Government to select "trusted partners" that will have early access to covered frontier models to promote secure innovation and strengthen the cybersecurity of critical infrastructure.

Notably, the framework parameters in Section 3 are scaled back from an earlier, more proscriptive draft of the EO. For example, the provision for up to 90-day advance Federal Government access to covered frontier models was modified to an up to 30-day notice. This suggests some consideration on the part of the White House for additional flexibility for frontier model developers.

No Mandatory Licensing. Critically, the Order explicitly provides that it does not authorize the creation of a mandatory “governmental licensing, preclearance, or permitting requirement” for AI model development, publication, release, or distribution. This reinforces the Administration's stated commitment to a non-regulatory approach while still establishing the government’s role in assessing frontier model capabilities.

Protection against criminal actors (Section 4)

The Order directs the Attorney General to prioritize the enforcement of applicable Federal criminal laws against anyone who uses AI to illegally access or damage a computer system or network, or who uses AI while engaged in illegal access to further another crime. This includes breaching any information technology system, or employing AI agents to unlawfully access data or information that is subsequently used for a criminal or unlawful purpose.

Implications for Government Contractors
Immediate Cybersecurity Requirements

Companies holding contracts with DoW should be on the lookout for the potentially new and significant cybersecurity directives. The 30-day timeline for the Secretary of War to "prioritize cyber defense" of DoW information systems suggests that contractors may face rapid-turnaround requirements to upgrade or certify their cybersecurity postures. Similarly, contractors supporting civilian agency systems should monitor CISA's forthcoming Binding Operational Directives, which may impose new compliance obligations on a compressed timeline.

Opportunities in the AI cybersecurity market

The Order creates several new market opportunities for AI and cybersecurity companies. The AI cybersecurity clearinghouse, the expansion of AI-enabled defensive tools across the federal government, and the potential direction of federal grant funding toward AI vulnerability detection all represent significant business development opportunities for contractors with relevant capabilities.

"Covered frontier model" designation

AI developers that supply models to the U.S. Government or that believe their models may be classified as "covered frontier models" should closely monitor the development of the classified benchmarking process. While the framework for engaging the government is described as "voluntary," companies that participate in this framework may gain competitive advantages—particularly through early designation as "trusted partners" with access to frontier models. Conversely, companies that decline to participate may face informal market disadvantages when competing for government AI contracts.

Intellectual property and confidentiality protections

Companies considering participation in the voluntary frontier model framework should carefully evaluate the Order's reference to "appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements" in connection with providing government access to covered frontier models. The details of these protections will be critical to any company's decision to participate and will likely require negotiation with the relevant agencies.

Criminal enforcement

The Order's direction to the Attorney General to prioritize enforcement of existing criminal statutes against those who use AI to commit cybercrimes underscores the importance of robust compliance programs for any company deploying AI agents or autonomous systems that interact with government or private networks. Companies should ensure that their agentic AI systems include appropriate guardrails to prevent them from accessing information without authorization, even inadvertently, to information systems.

What to watch

The most consequential implementation actions will occur within the next 30 to 60 days. Companies should monitor for:

New Binding Operational Directives from CISA addressing AI-enabled cybersecurity for civilian federal systems;
Any new cybersecurity-related procurement standards or contract requirements flowing from the DoW’s implementation actions;
Details on the AI cybersecurity clearinghouse structure and participation requirements;
Publication of the classified benchmarking process criteria (or unclassified summaries) defining the "covered frontier model" threshold;
The voluntary framework details for AI developer engagement with the government;
Grant program announcements related to advanced AI vulnerability detection; and
Updates to Department of War and intelligence agency guidance on the acquisition and use of AI per the NSPM on Artificial Intelligence in the National Security Enterprise.

How we can help

Hogan Lovells' Government Contracts, Data Privacy and Cybersecurity, Government Relations and Public Affairs, and Communications, Internet, and Media practices are prepared to assist clients in navigating the requirements and opportunities presented by this Order. Whether you need assistance assessing the impact on existing government contracts, evaluating participation in the voluntary frontier model framework, or developing AI governance and cybersecurity compliance programs, our team can provide tailored guidance.

For further information, please contact your regular Hogan Lovells advisor.

Authored by Mike Mason, Stacy Hadeka, Mike Scheimer, Nathan Salminen, Katy Milner, Cybil Roehrenbeck, Stewart Forbes, Alexis Sainz, Chip Cannon, and Valerie Marshall.