The federal government just formalized what risk-first security leaders have been managing for the past two years: AI is both a business-critical asset and an active attack surface, and you can’t treat those two facts separately. The “Promoting Advanced Artificial Intelligence Innovation and Security” executive order, signed June 2, establishes U.S. policy on AI cybersecurity across government and critical infrastructure, hardening systems against AI-enabled threats, protecting American intellectual property, and building defensive AI capabilities at scale. And for private-sector security teams, one mechanism matters more than the rest.

The clearinghouse and what it actually does

Within 30 days, Treasury, in consultation with NSA and CISA, must stand up an AI cybersecurity clearinghouse. The structure is straightforward: it coordinates vulnerability scanning, validates findings, and prioritizes patch distribution in voluntary collaboration with industry and critical infrastructure operators. Developers who participate submit vulnerability reports and receive anonymized telemetry on how their models are being targeted by state-sponsored actors. 

In a deliberate departure from earlier frameworks that would have required government approval of new AI systems before deployment, participation in this program is voluntary. However, that framing should not lull anyone into thinking this is optional in practice. Voluntary guidance in regulated industries and federal supply chains has a documented pattern: it shows up in procurement standards and sector-specific cybersecurity guidance within 12 to 24 months. Therefore, organizations that engage now build the infrastructure they’ll need anyway, while those that wait will be retrofitting under deadline.

The immediate threat dynamic the order creates

The AG’s enforcement priority—directing federal prosecution of AI-enabled identity fraud and unauthorized access—adds a timing dynamic security leaders should account for, as elevated enforcement attention typically accelerates attacker activity in the near term before the deterrent effect materializes. In other words, threat actors front-run enforcement windows. But that isn’t a reason to hold off on AI adoption or wait for the regulatory picture to resolve. It is a reason to move now rather than wait, and to have incident response playbooks that account for AI-enabled attack vectors before this plays out.

Three things to do before the voluntary language tightens

The companies that come out ahead will treat this order as a forcing function for AI governance infrastructure they were going to need anyway. That means taking three concrete steps:

Map your AI footprint. That means every AI tool in the environment—first-party deployments and third-party vendor tools alike—mapped against the data it touches and the access it holds. This is the prerequisite for clearinghouse participation and the prerequisite for a defensible AI governance posture when procurement requirements arrive.

Track CISA’s forthcoming directives. The executive order sets the policy framework; CISA’s implementation guidance will determine day-to-day operational impact. The organizations monitoring that output will have more lead time to adapt than those reading about it after the fact.

Build AI-specific incident response playbooks. Most IR documentation still treats ransomware and data exfiltration as the primary scenarios. AI-enabled attacks—identity fraud, model poisoning, AI-assisted credential attacks—follow different patterns and require different response protocols. The time to build that playbook is before the enforcement acceleration described above plays out.

The clearinghouse rewards organizations that have done this work. Documented AI use policies, vendor AI risk assessments, and playbooks that account for AI-enabled attacks: these are the table stakes for meaningful engagement with shared intelligence. They’re also the table stakes for every procurement conversation and sector-specific requirement that follows. The organizations building that muscle now will be ahead of both the threat curve and the regulatory curve when the voluntary language does what voluntary language always does.