Coordinate cyber incident response proto…

BackCoordinate responses with critical infrastructure providers

This page is still being polished. If you have thoughts, please share them via the feedback form.

Data on this page is preliminary and may change. Please do not share or cite these figures publicly.

Coordinate responses with critical infrastructure providers

Somai (2025)|LLM classified

Mitigation Taxonomy

3Ecosystem

3.3Voluntary & Cooperative

3.3.1Industry Coordination

Cross-organization coordination mechanisms, information sharing, and collaborative monitoring.

Also in Voluntary & Cooperative

3.3.2 International Coordination3.3.3 Self-regulatory Mechanisms

Additional Informationp. 5

Stage: Containment and Mitigation; Stakeholder: National Government: Other Agencies; Additional information: Government stakeholders should seek to strengthen AI security to protect model weights and algorithmic techniques. Governments could require or incentivise AI developers that exceed specified capability thresholds to implement stricter security protections -- of both model weights and algorithmic insights -- to prevent the theft of dangerous capabilities by malicious actors and the diffusion of models to unmonitored environments. Security improvements could include measures such as hardened bandwidth limitations, automated network monitoring and encryption. Routine hardware supply chain and data centre inspections would also help to detect unauthorised access. Beyond external threats, organisations must also consider security risks from the AI models themselves and thus employ regular memory wiping, adversarial testing and monitoring.

LLM Classification Details

Reasoning

Coordinates response mechanisms across organizations (government and critical infrastructure providers) without state enforcement authority.

Code: 3.3.1Version: v0.6Classified: Jan 27, 2026

Other mitigations from Somai (2025) (38)

Monitor critical capability levels

2.2.2 Testing & Evaluation

Lifecycle:Other (multiple stages)Actor:DeveloperAIRM:Measure

Identify early warning signs and emergent capabilities

2.2.1 Risk Assessment

Lifecycle:Build and Use ModelActor:DeveloperAIRM:Measure

Establish standardised benchmarks and reporting

3.2.1 Benchmarks & Evaluation

Lifecycle:Verify and ValidateActor:DeveloperAIRM:Measure

Implement compute monitoring and anomaly detection

1.2.3 Monitoring & Detection

Lifecycle:Other (multiple stages)Actor:Infrastructure ProviderAIRM:Measure

Enhance hardware and supply chain oversight

2.3.3 Monitoring & Logging

Lifecycle:Other (stage not listed)Actor:Infrastructure ProviderAIRM:Govern

Lead efforts to establish shared criteria for AI LOC

3.2.2 Technical Standards

Lifecycle:Plan and DesignActor:Governance ActorAIRM:Govern

View all 38 mitigations from this source →

Source Document

Strengthening Emergency Preparedness and Response for AI Loss of Control Incidents

Somani, Elika; Friedman, Anjay; Wu, Henry; Lu, Marianne; Byrd, Christopher; van Soest, Henri; Zakaria, Sana (2025)

As artificial intelligence (AI) systems become increasingly embedded in essential infrastructure and services, the risks associated with unintended failures rise. Developing comprehensive emergency response protocols could help mitigate these significant risks. This report focuses on understanding and addressing AI loss of control (LOC) scenarios where human oversight fails to adequately constrain an autonomous, general-purpose AI.

View source DOI: 10.7249/RRA3847-1

Classification

AI Lifecycle Stage

Other (multiple stages)

Applies across multiple lifecycle stages

Responsible Actor

Governance Actor

Regulator, standards body, or oversight entity shaping AI policy

NIST AI RMF Function

Govern

Policies, processes, and accountability structures for AI risk management