News

As Capabilities Advance Quickly OpenAI Warns of High Cybersecurity Risk of Future AI Models

  • Teri Robinson--securityboulevard.com
  • published date: 2025-12-12 00:00:00 UTC


<p>OpenAI sounded the alarm this week that the advanced AI models it has on deck will probably ratchet up cybersecurity risks, which should come as a surprise to exactly no one.</p>
<p>The company said the models could possibly create zero-day remote exploits that would work against even the best-defended systems. They might also make it easier for bad actors to execute complex intrusions into enterprise and industrial networks, with not-so-pleasant outcomes.</p>
<p>All this is because the capabilities of these models are increasing at AI’s characteristic warp speed.</p>
<p>“Like other dual-use domains, defensive and offensive cyber workflows often rely on the same underlying knowledge and techniques,” OpenAI said in a <a href="https://openai.com/index/strengthening-cyber-resilience/" target="_blank" rel="noopener">blog post</a>.</p>
<p>“The technical scenario is feasible, and these attack patterns will be weaponized at scale. OpenAI’s announcement confirms they’re seeing the same trajectory,” says Michael Bell, founder and CEO at Suzu Labs.</p>
<p>Since “cybersecurity touches almost every field,” OpenAI said it and other vendors “cannot rely on any single category of safeguards—such as restricting knowledge or using vetted access alone—but instead need a defense-in-depth approach that balances risk and empowers users.”</p>
<p>What that means is “shaping how capabilities are accessed, guided, and applied so that advanced models strengthen security rather than lower barriers to misuse,” OpenAI wrote, noting it was already taking steps to protect against the cybersecurity woes its models could invite.</p>
<p>The company said it is already:</p>
<ul>
<li><b>Training the model to refuse or safely respond to harmful requests while remaining helpful for educational and defensive use cases.</b> Frontier models are being taught “to refuse or safely respond to requests that would enable clear cyber abuse, while remaining maximally helpful for legitimate defensive and educational use cases.”</li>
<li><b>Detection systems.</b> OpenAI refines and maintains systemwide monitoring across products that use frontier models in order to detect potentially malicious cyber activity. “When activity appears unsafe, we may block output, route prompts to safer or less capable models, or escalate for enforcement,” OpenAI said. Enforcement “combines automated and human review, informed by factors like legal requirements, severity, and repeat behavior.” OpenAI is also working with developers and enterprise customers “to align on safety standards and enable responsible use with clear escalation paths.”</li>
<li><b>End-to-end red teaming.</b> Expert red teaming organizations help OpenAI evaluate and improve safety mitigations. Those teams try to bypass all the models’ defenses “by working end-to-end, just like a determined and well-resourced adversary might,” so that the company can “identify gaps early and strengthen the full system.”</li>
</ul>
<p>OpenAI’s security efforts extend to the ecosystem as well. The company plans to introduce a trusted access program for cyber defense, expand defensive capacity with Aardvark, establish a Frontier Risk Council advisory group that includes experienced cyber defenders and security practitioners, and develop a shared understanding of threat models with the industry.</p>
<p>“OpenAI’s approach to preventing misuse, thankfully, doesn’t rely on magical filters,” says John Carberry, CMO at Xcape, Inc. “Their plan reads like a standard defense in depth strategy: they’ll train models to reject clear abuse, implement access controls and monitoring, and then have red teams test the entire system.”</p>
<p>But still they’re aiming at a moving target. “Organizations need detection capabilities for AI-powered attacks today, regardless of how these defensive frameworks evolve,” he says, noting that “the labs are trying to build guardrails while the car is already moving.”</p>
<p>Bell says that organizations “need detection capabilities for AI-powered attacks today, regardless of how these defensive frameworks evolve,” noting that “the labs are trying to build guardrails while the car is already moving.”</p>
<p>Diana Kelley, CISO at Noma Security, says security professionals are obligated “to guide that evolution with resilience and governance, especially as agentic AI systems become the norm and AI-driven autonomy increases.” In practice, she says, “this means safety by design, rigorous model evaluation and red teaming, continuous monitoring of agent behavior and decision boundaries, strong identity and access controls around AI-initiated actions, and clear allow and deny lists governing system permissions.” Defenders must also shore up their existing defenses “to be AI-ready and AI risk aware.”</p>
<p>Security by design as well as in deployment “will allow companies to benefit from advanced AI models without taking on unmanaged risks,” she explains.</p>
<p>OpenAI promises more safeguards. “Alongside those efforts, we plan to explore other initiatives and cybersecurity grants to help surface breakthrough ideas that may not emerge from traditional pipelines, and to crowdsource bold, creative defenses from across academia, industry, and the open-source community,” OpenAI said. “Taken together, this is ongoing work, and we expect to keep evolving these programs as we learn what most effectively advances real-world security.”</p>