After Executive Order 14409: Next Steps for Securing AI

___ Blog Featured Recent Video Category Start Free Trial After Executive Order 14409: Next Steps for Securing AI The EO mobilizes elements of the U.S. Executive Branch to collaborate with industry and the AI and security research communities to face challenges posed by advanced AI models. June 17, 2026 • Robert Sheldon • Securing AI• Data Security Adversaries are using AI to attack with unprecedented speed and precision. This trend, coupled with the rapidly growing use of agentic AI, means it is now necessary to use AI to protect and defend the modern tech stack. It is timely that on June 2, 2026, President Trump signed Executive Order 14409 on Promoting Advanced Artificial Intelligence Innovation and Security. At a high level, this EO validates that security is fundamental to reaping the benefits of AI. To action that, the EO mobilizes various elements of the Executive Branch to collaborate with industry and the AI and security research communities to confront challenges posed by increasingly sophisticated AI models. The EO requires significant action over the next 30 to 60 days. This pace is reasonable in light of what some in the industry have started to refer to as the coming “vulnpocalypse” (that is, the accelerating volume of bugs discovered by AI that will inundate highly manual review and patching processes). Moreover, according to the CrowdStrike 2026 Global Threat Report, AI-enabled adversaries increased attacks by 89% year-over-year in 2025. Substantively, a number of the particulars required by the EO will be hashed out between officials at the Departments of Homeland Security, Commerce, Treasury, and War, as well as the National Security Agency and various elements of the White House itself. This should yield practical, technocratic recommendations that account for various security, commercial, and innovation equities.  In the course of our routine engagement with government organizations and stakeholders, we’ve suggested a number of policy measures on AI and cybersecurity. To help inform the policy process that will unfold over the next 60 days and beyond, we are sharing some of our core recommendations made to these groups. Secure the Federal Enterprise Sec. 2(c)(i) of the EO requires a federal working group to leverage CISA authorities to “expedite and prioritize the cyber defense of civilian Federal Government information systems in order to protect our Nation’s vital functions.” This provision is the most urgent tasking within the EO, and there are a few straightforward steps the federal government can take now: Deploy AI detection and response (AIDR) tools: This will help secure the rapidly increasing use of AI within the government by applying guardrails to the use of both authorized and shadow AI. Like the mandate for federal agencies to leverage endpoint detection and response (EDR) technologies from EO 14028 in 2021, this single step can dramatically help to secure attack surfaces across the .gov. Improve identity protections: Though compromised identities were already a key gateway to the enterprise in the pre-AI era, the identity “surface” is getting radically larger and more complex with the scaling deployment of agentic AI. Now is the time to fix longstanding weaknesses in this critical area, and put an end to building on a compromised foundation. Leverage the agentic security operations center (SOC): Defenders must use AI to their advantage. While extending AI visibility and control into security tooling (such as with AIDR) is a good first step, it is important to leverage agent capabilities within the SOC to support manual threat hunting, which accelerates the identification and remediation of incidents. Provide Hands-on Assistance to Critical Infrastructure Within critical infrastructure security, the “last mile” problem is significant. Researchers can identify vulnerabilities in key information systems using AI, but it’s not clear the capacity will exist in poorly resourced sectors, like rural water utilities, to fix them. The government can address this issue under Sec. 2(c)(iii) of this EO by establishing a Sensitive Remediations Program, administered by CISA, which partners with private sector organizations to perform hands-on remediations where capacity doesn’t exist. CrowdStrike’s Frontier AI Readiness and Resilience Service and Project QuiltWorks are readily available for this purpose, and such a program could leverage multiple partners to have immediate impact. Strategically Address Vulnerabilities in Open Source Code We view code repositories as a strategic enforcement point for finding vulnerabilities across the open source ecosystem. Under Sec. 2(c)(ii), government organizations should work with and encourage repository owners to proactively scan meaningful projects (e.g., those above a defined threshold of commits/pulls) and notify maintainers of findings. This practice would ensure individual users aren’t required to scan the same projects multiple times and expend scarce tokens for diminishing returns. In theory, these scans could be “opt-in,” and projects that have opted in could be identified with labels or badges. Over time, use of such projects (and deprecating projects that do not participate) could become an industry best practice. Final Thoughts These ideas just scratch the surface of actions put into motion by the EO. The steps the U.S. government can take to secure itself are the most straightforward. More work remains to be done on public-private collaboration, standing up the voluntary AI cybersecurity clearinghouse referenced in Sec. 2(d), and building processes and capacity to review models voluntarily submitted under Sec. 3(b). We want to commend the work done on these initiatives by the Office of the National Cyber Director. Times are changing quickly, and along with it, the cyber threat environment. Failure to take steps like those required in this EO could leave us far worse off, and we’re encouraged by the actions it outlines. We look forward to continued collaboration with stakeholders to advance all priorities the EO outlines over the coming weeks and months. Additional Resources Register for the webcast: The AI Executive Order: What Government Security Leaders Need to Know About Secure AI Adoption CrowdStrike 2026 Global Threat Report AI threats have reached a critical turning point. Access the definitive look at the cyber threat landscape. Download Related Content Securing AI | Jun 12, 2026 Why AI Projects Stall and How CIOs Can Respond Securing AI | Jun 05, 2026 3 Principles to Safely Scale Agentic AI Securing AI | Jun 01, 2026 CrowdStrike Brings Enterprise-Grade Security to the AI Factory with NVIDIA Vera BlueField-4 STX Categories Agentic SOC 52 Cloud & Application Security 145 Data Security 25 Endpoint Security & XDR 357 Engineering & Tech 87 Executive Viewpoint 180 Exposure Management 121 From The Front Lines 204 Next-Gen Identity Security 73 Next-Gen SIEM & Log Management 113 Public Sector 42 Securing AI 38 Threat Hunting & Intel 219 CrowdStrike Falcon Platform Ready to protect your business? Try CrowdStrike free today Start free trial Subscribe Sign up now to receive the latest notifications and updates from CrowdStrike Subscribe See CrowdStrike Falcon in action Explore demos Copyright © 2026 CrowdStrike Privacy Request Info Blog Contact Us 1.888.512.8906 Accessibility Privacy Preference Center Privacy Preference Center Your Privacy Strictly Necessary Cookies Performance Cookies Functional Cookies Targeting Cookies Your Privacy When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, or your device, and is mostly used to make the site work as you expect. The information does not usually identify you directly, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to learn more and change our default settings. Blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Strictly Necessary Cookies Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They may be set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies may process limited personal information, such as technical or device identifiers, where necessary to ensure the security, functionality, and integrity of the website or web portal. Such processing is strictly limited to what is required for these purposes and is not used for advertising or marketing. Cookies Details Performance Cookies Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore does not identify you. If you do not allow these cookies, your visit to our website will not be included in our analytics, and our ability to monitor website performance and make improvements will be reduced. Cookies Details Functional Cookies Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Cookies Details Targeting Cookies Targeting Cookies These cookies may be set on our site by our advertising partners. They assign a unique identifier to your browser or device and may track your activity across sites to build a profile of your interests and show you relevant adverts on other sites. If you do not allow these cookies, you will still see ads, but they may be less relevant to you. Cookies Details Cookie List Consent Leg.Interest checkbox label label checkbox label label checkbox label label Clear checkbox label label Apply Cancel Confirm My Choices Allow All