OpenAI to supply Japan cybersecurity model

OpenAI said on May 21 it will provide the Japanese government and selected Japanese companies with an artificial intelligence model built for cybersecurity work, according to Japanese media reports and the company’s recent security announcements. The move adds Japan to a restricted-access rollout OpenAI has been building this spring for cyber defense users. OpenAI has said the program is designed for vetted defenders rather than broad public release. Japanese reports did not disclose pricing, contract size or a start date for access. ### Which model is Japan getting? The Yomiuri Shimbun reported on May 22 that a senior OpenAI official said the company plans to provide its latest cyber-defense model, called “GPT-5.5-Cyber,” to the Japanese government and some Japanese companies. Japan Today separately reported that OpenAI would provide an AI model with advanced cybersecurity capabilities to the government and selected companies. OpenAI said on May 7 that GPT-5.5-Cyber was already being delivered through its Trusted Access for Cyber, or TAC, program to developers and security teams. (japannews.yomiuri.co.jp) The company described the model as a version of GPT-5.5 aimed at defensive cybersecurity use cases. ### Why is OpenAI restricting access instead of releasing it broadly? OpenAI said in February, when it introduced Trusted Access for Cyber, that the framework was built to expand access to advanced cyber capabilities while reducing the risk of misuse. (japannews.yomiuri.co.jp) The company said the system uses identity and trust checks to place enhanced cyber tools “in the right hands.” OpenAI said again on April 14 and May 7 that it was fine-tuning cyber-permissive models for defenders as model capabilities advance. (openai.com) The company tied that work to safeguards, monitored deployment and support for verified teams responsible for defending critical software and infrastructure. Japan Today reported last month that OpenAI was preparing a restricted release of its latest cybersecurity model to a limited number of partners, reflecting fears that highly capable systems could also aid attackers. (openai.com) That report linked OpenAI’s approach to similar concerns elsewhere in the industry about AI-enabled cyberattacks. ### Why is Japan involved now? Japan’s government adopted a new five-year cybersecurity strategy in January that put added emphasis on “active cyber defense” measures, according to Japan Today’s coverage of the cabinet decision. (openai.com) The strategy described state-sponsored attacks as a serious threat to national security. OpenAI said in an April 29 policy paper that the United States and its allies face a rapidly changing cyber threat environment and that private innovators have a responsibility to support democratic institutions, critical systems and national security. (japantoday.com) The company said one pillar of that plan was closer cooperation with governments and industry. Japan’s inclusion appears consistent with that broader policy direction, based on OpenAI’s published framework and the Japanese reports. (japantoday.com) ### What would users actually do with a model like this? Politico and CNBC reported on May 7 that GPT-5.5-Cyber was being positioned for tasks such as finding and patching software vulnerabilities and analyzing malware, with access limited to vetted cybersecurity professionals. OpenAI’s own materials describe the program in similar terms, focusing on defensive use cases rather than general-purpose deployment. (openai.com) Nextgov reported in April that OpenAI’s cyber action plan centered on spreading AI-powered defensive tools across trusted government and private-sector partners. That aligns with the Japanese reports naming both government users and selected companies, though the company has not publicly listed which ministries or firms will receive access. ### What has not been disclosed yet? (cnbc.com) Japan Today’s May 21 report did not publish when Japanese government agencies or companies would begin using the model, and it did not include pricing or procurement terms. OpenAI’s public TAC materials describe eligibility, safeguards and rollout goals, but they do not list a Japan-specific launch calendar. OpenAI’s next public markers are likely to come through TAC program updates, security posts or statements from Japanese ministries or participating companies. (nextgov.com) As of May 22, the named participants beyond the Japanese government and “some Japanese companies” had not been publicly identified. (japannews.yomiuri.co.jp) (japantoday.com)