Advanced AI Security Readiness Act

This bill tells the National Security Agency to create an “AI Security Playbook” to protect advanced AI from theft by powerful foreign or other well‑resourced actors. The playbook must map out weak spots in advanced AI data centers and among top AI developers, explain which parts would be most harmful if stolen (like model weights and core insights), and set ways to detect, stop, and respond to cyber threats. It also looks at when security needs might be so high that the U.S. government would need to be heavily involved, including a what‑if plan for building highly secure government‑run AI systems.

The playbook will include both detailed methods (some may be classified) and a public, unclassified guide with best practices that people and companies can use. The agency must talk with leading AI developers and researchers, work with a federal research center, and report progress to Congress within 90 days and a final report within 270 days, with public versions available. This bill does not create new rules or enforcement powers. It focuses on advanced AI that would pose a grave national security risk if stolen, such as systems that could match or beat experts in areas like cyber offense or chemical, biological, radiological, and nuclear topics; “threat actors” means nation‑states or other highly resourced groups .

Key points

• Who is affected: The NSA; advanced AI developers and data centers; private companies that will receive guidance from the unclassified playbook.
• What changes: Creation of an AI Security Playbook; identification of critical risks and components; industry engagement; and a study of when government‑level security might be needed. No new regulatory or enforcement powers are added .
• When: An initial report is due 90 days after enactment; a final report is due 270 days after enactment, with public versions for wider use.