OpenAI to supply cybersecurity model to Japan

OpenAI said on May 22 that it plans to provide Japan’s government and some Japanese companies with GPT-5.5-Cyber, its latest model for cyber defense, as the company expands a restricted program for high-risk security work. Paul Nakasone, an OpenAI board member and former commander of U.S. Cyber Command, told a press conference in Tokyo on Thursday that the company had held discussions with Japanese government officials this week and wanted to move quickly on access for Japan. The company has already begun limited provision of the model to some government bodies and other organizations from this month, according to The Japan News. OpenAI’s own May 7 post said GPT-5.5-Cyber was being rolled out in limited preview to defenders responsible for securing critical infrastructure. ### Which model is Japan getting, and what can it do? GPT-5.5-Cyber is a specialized version of OpenAI’s latest model aimed at defensive cybersecurity workflows. OpenAI said on May 7 that vetted users can use it for vulnerability identification and triage, malware analysis, binary reverse engineering, detection engineering and patch validation, while safeguards are meant to block malicious activity such as credential theft, stealth, persistence, malware deployment or exploitation of third-party systems. (japannews.yomiuri.co.jp) The Japan News reported on May 22 that GPT-5.5-Cyber can quickly detect weaknesses in critical infrastructure systems and help with steps to remedy those flaws. Nakasone said in Tokyo that his talks with Japanese officials included cybersecurity in 15 vital infrastructure fields. ### Who in Japan is involved? The Japanese government is one intended recipient, and OpenAI has also said some Japanese companies will get the model. (openai.com) The company has not publicly named the firms in the reporting reviewed here. Jason Kwon, OpenAI’s chief strategy officer, told The Asahi Shimbun in Tokyo that the company intended to provide GPT-5.5-Cyber to some Japanese companies and that it was trying to “broaden access to Japan and other allies.” Kwon said the model had already been provided to U.S. government agencies and some companies. (japannews.yomiuri.co.jp) ### Why is OpenAI limiting access instead of offering it broadly? OpenAI said its Trusted Access for Cyber program is an identity- and trust-based framework meant to place enhanced cyber capabilities with verified defenders. (japannews.yomiuri.co.jp) The company said most teams would use GPT-5.5 with Trusted Access for Cyber, while GPT-5.5-Cyber is being offered in limited preview for more specialized work tied to critical infrastructure defense. (asahi.com) June 1, 2026 is the next concrete milestone in that rollout. OpenAI said individual members of Trusted Access for Cyber using its most cyber-capable and permissive models will be required to enable Advanced Account Security beginning on that date. ### How does OpenAI describe the competitive backdrop? The Asahi Shimbun reported on May 22 that Kwon said GPT-5.5-Cyber was announced earlier this month in response to Anthropic’s Claude Mythos, which drew attention for its ability to identify and exploit vulnerabilities. (openai.com) Kwon said OpenAI’s latest model offered performance comparable to Mythos and added that progress in cyber capabilities had been continuous rather than the result of a single sudden jump. The Japan News cited the British government’s AI Security Institute as saying GPT-5.5’s capabilities were equal to those of Claude Mythos. OpenAI said Japan would be one of the first governments to receive its newest model, according to that report. ### What happens next for Japan’s access? Tokyo was the site of OpenAI’s latest discussions with Japanese officials this week, and Nakasone said talks toward quickly providing GPT-5.5-Cyber would move ahead. (asahi.com) OpenAI has not published a delivery date, a contract value or the names of the Japanese companies that will receive the model. The next public marker from OpenAI is June 1, when stricter account-security requirements take effect for users of its most permissive cyber models. (japannews.yomiuri.co.jp)