White House questions tech industry on defensive AI use, cybersecurity resilience

The U.S. government wants to know how major U.S. technology companies are using AI to protect their computer networks and how they’re preparing for the possibility of an AI-driven cybersecurity crisis.

Officials from the White House’s Office of the National Cyber Director (ONCD) have reached out to tech giants in recent weeks with questions about AI, information sharing, vulnerability patching and how the federal government can help, according to an email and a list of questions shared with Cybersecurity Dive.

“The White House continues to proactively engage across government and industry to address several Al/cybersecurity priorities,” Jennifer Belair, the assistant national cyber director for external affairs, said in the April 23 email. “This includes working with frontier AI labs to discuss opportunities for collaboration, as well as shared approaches and protocols to address the challenges associated with scaling this technology. We are grateful for your collaboration to date and believe that your organization has the capabilities and expertise to ensure the United States and Americans are protected.”

ONCD asked the companies to answer 11 questions on a range of cybersecurity topics by May 1.

A few of the questions are straightforward, such as “Are you currently using Al detection and response tools and services?” and “How are Al models or platforms integrated into your software stack?” But most of the questions are more complicated, such as how quickly companies can identify and fix known vulnerabilities and what barriers they face to improving their cyber posture.

Still other questions involve sensitive internal details that companies are unlikely to share. One question asks for a list of the networks, hardware and software that are critical to companies’ continuity of operations, as well as a description of how the companies isolate those systems from their traditional business networks. Another question asks the companies to describe what would happen if their most critical systems were compromised.

The White House also asked the companies what information-sharing mechanisms they use and whether those processes have gaps; whether the companies have any recommendations for improving coordination with state and local governments; and what is “the most helpful role the federal government can play here,” citing as an example a “public-private consortium structure that delivers operational value.”

The email did not include a list of recipients, making it unclear which companies received it. ONCD did not respond to multiple requests for comment about the outreach. The White House appears to have sent different questions to different stakeholders; Politico, which first reported on the outreach, quoted different language in the questions.

The outreach follows an April 28 meeting between White House cybersecurity officials and tech industry representatives about the dangers and opportunities posed by powerful new AI models.