Do you want OpenAI to help you with Cybersecurity?

Written By Peter Vogel

SCWorld.com reported that “OpenAI has released plans for a future of AI models with advanced cybersecurity capabilities, outlining plans to prevent misuse and empower cyber defenders…, OpenAI said it will now treat all of its future models as though they could reach “High” cybersecurity capabilities under the company’s Preparedness Framework.”  The December 12, 2025 article entitled " OpenAI lays out its plan for major advances in AI cybersecurity features” (https://www.scworld.com/news/openai-outlines-plans-to-prepare-for-future-ai-cybersecurity-capabilities) included these comments:

Under the framework, AI models with "High" cybersecurity capability could either help scale cyber operations through end-to-end automation or automate the discovery and exploitation of significant cyber vulnerabilities.

OpenAI said it's taking a “defense-in-depth” approach that aims to balance the potential for misuse with the potential for AI to aid cyber defenses, as defense and offensive cybersecurity operations are built on the same foundation, the company noted.

Rather than restrict models’ knowledge or rely on limiting general access to its models, OpenAI said it will use a combination of training, monitoring and red teaming to curb misuse of its models by threat actors.

Its frontier models are being trained to refuse or “safely respond” to requests that could enable cyber abuse while remaining helpful to researchers and defenders, according to the company. Systemwide monitoring has also been implemented throughout products that use its models to detect malicious activity.

“When activity appears unsafe, we may block output, route prompts to safer or less capable models, or escalate for enforcement,” the company stated.

With regard to enforcement, OpenAI said it uses both automated and human review, taking into account severity, repeat behavior and legal obligations. The company has previously published reports detailing misuse of its models by threat groups, including state-sponsored threat actors, noting that the associated accounts were banned from its platform.

OpenAI said it will work with red teaming organizations to help it identify gaps in its systems that could be exploited by well-resourced adversaries.

What do you think?

Peter Vogel
Next

Is it a good idea to use Microsoft’s genAI free tool Copilot when you write documents in Word?