GPT-5.5-Cyber: Restricted Cybersecurity Model for Critical Defenders
View original source →On April 30, OpenAI began rolling out GPT-5.5-Cyber through its Trusted Access for Cyber (TAC) program — a restricted-access model for government entities, critical infrastructure operators, and financial institutions.
Key Points:
• The model meets OpenAI's 'High' cybersecurity risk classification (capable of amplifying pathways to severe harm) but does not cross the 'Critical' threshold.
• Access is restricted to vetted organizations: government agencies, critical infrastructure operators, security vendors, cloud platforms, and financial institutions.
• The TAC program reflects OpenAI's approach to enabling advanced security capabilities while maintaining controlled, risk-tiered deployment.
GPT-5.5-Cyber is the first frontier model purpose-built for offensive and defensive cybersecurity at scale. Its restricted access model is a meaningful governance design — acknowledging dual-use risk while enabling legitimate defenders.
Why It Matters: For AI governance professionals, the TAC program is a live case study in tiered access controls — the kind of risk-based deployment framework the EU AI Act envisions for high-risk AI systems. Security teams at qualifying organizations should begin the TAC program application process now.