OpenAI's Cybersecurity Pivot: Defense Contractor or Tech Company?

Some key points from their various announcements:

• They claim to have disrupted multiple malicious AI operations, including what they describe as nation-state actors and criminal networks using their models for harmful purposes
• The Promptfoo acquisition gives them a platform for helping enterprises identify vulnerabilities in AI systems during development, not after deployment
• They're apparently investing in what they call "stronger safeguards" as models become more capable, though specifics on what that means are thin
• They've also been pushing policy ideas in Europe through something called the Hacktivate AI report, which includes 20 recommendations for accelerating AI adoption while maintaining security

Call me old-fashioned, but I find it interesting that the company is simultaneously lobbying for faster AI adoption in Europe while also positioning itself as the solution to the security problems that faster adoption creates. That's not necessarily cynical, it might just be good business, but it's worth noting.

The Promptfoo deal is the most tangible piece of all this. According to their announcement, Promptfoo is an AI security platform that helps companies find and fix vulnerabilities in their AI systems before those systems go live. This is actually useful! The AI security space has been crying out for better tooling, and most of what exists is either academic research that's hard to operationalize or enterprise software that costs more than a small company's entire engineering budget. If OpenAI can make this stuff accessible, that would be genuinely good.

But here's the thing I keep coming back to. OpenAI created the problem, or at least accelerated it dramatically, and now they want to sell the solution. This is the tobacco company funding cancer research dynamic, except the tobacco company also wants to run the hospital.

I've seen this movie before. In the 90s, Microsoft was simultaneously the biggest target for malware and the biggest vendor of security tools. They eventually got pretty good at it, to be fair, but it took years of painful learning and a lot of customer pain along the way. The question is whether OpenAI can compress that timeline, and whether we should trust them to do it given their track record on, well, everything else.

Their October 2025 disruption report claims they've been actively hunting and shutting down bad actors. The report talks about detecting misuse, enforcing policies, and protecting users from "real-world harms." It's the kind of language that sounds good in a press release but leaves a lot of questions unanswered. How many operations did they disrupt? What countries were involved? What percentage of malicious use do they think they're actually catching? The company didn't disclose exact figures on most of this, which makes it hard to evaluate whether they're actually effective or just doing enough to say they're doing something.

The cyber resilience post is more technical and, honestly, more interesting. They talk about how they assess risk as models get more capable, which is the right question to be asking. The problem is that their assessment methodology isn't public, so we're basically taking their word for it that they're being rigorous. Maybe they are! But verification would be nice.

What I find most telling is the timing. OpenAI is rolling all of this out at a moment when governments around the world are trying to figure out how to regulate AI, and when concerns about AI-enabled cyberattacks are at an all-time high. By positioning themselves as the responsible defenders, they're essentially trying to shape the regulatory conversation. "Don't restrict us too much," the subtext reads, "because we're the ones who can protect you."

This might work. It's worked before for other tech companies in other eras. But it requires a level of trust that OpenAI hasn't entirely earned. They've had safety researchers quit in protest. They've had board drama that would embarrass a reality TV show. They've made promises about openness that they've subsequently walked back. None of this means their cybersecurity work is bad, it might be excellent, but it does mean that skepticism is warranted.

The young founders I talk to, the ones building AI security startups, have mixed feelings about all this. Some are worried that OpenAI will crush them by bundling security features into their core products. Others think OpenAI's entry validates the market and will bring more attention and funding to the space. Both things can be true, I suppose.

For now, we're in the early innings of what's going to be a long game. AI-powered cyberattacks are going to get worse before they get better, that's just the nature of the technology. The question is whether the defenses can keep up, and whether the companies building the most powerful AI systems can be trusted to also build the shields. OpenAI is betting they can do both. History suggests that's a hard trick to pull off, but what do I know. If you want to argue about it, my email's on the about page.

Sarah Williams · 44 mins ago · 4 min