The Pentagon is putting $200 million behind OpenAI’s promise that its most advanced AI can help defend the United States against cyberattacks. Weeks later, a separate deal opened the door for nearly every federal agency to buy ChatGPT at a steep discount. The twin agreements, formalized in mid-2025 and now shaping agency planning across Washington, represent the largest known bet the U.S. government has placed on a single commercial AI vendor for national security work.
The moves come as federal networks face a drumbeat of intrusions linked to state-sponsored hacking groups. Chinese-affiliated crews such as Volt Typhoon and Salt Typhoon have burrowed into U.S. critical infrastructure, according to advisories from the Cybersecurity and Infrastructure Security Agency. Russian and North Korean actors continue to probe defense contractors and civilian agencies alike. Against that backdrop, Washington is racing to find tools that can help analysts sift through massive volumes of threat data faster than human teams alone can manage.
Two contracts, two tracks
The first agreement is a $200 million prototype contract awarded by the Chief Digital and Artificial Intelligence Office, the Pentagon’s central AI hub. Announced on June 16, 2025, the fixed-amount Other Transaction Agreement (contract number HQ0883-25-9-0012) tasks OpenAI Public Sector LLC with developing “prototype frontier AI capabilities” for national security, including what the contract notice describes as challenges “in both warfighting and” related domains.
Other Transaction Agreements let the Defense Department bypass traditional competitive bidding, a mechanism Congress created to help the military move at startup speed when acquiring emerging technology. The structure has become a favored tool for AI and software procurement, but it also means less public disclosure about deliverables and timelines than a standard contract would require.
The second agreement is broader in scope but narrower in ambition. On August 6, 2025, the General Services Administration announced a partnership that lists ChatGPT on the Multiple Award Schedule, the government’s standard catalog for commercial products. The listing gives procurement officers across civilian agencies a streamlined path to purchase OpenAI’s tools without negotiating one-off contracts, and it includes pricing the GSA characterized as a “deep discount.”
Together, the deals create parallel channels: a high-end research pipeline inside the Defense Department and a mass-distribution mechanism for the rest of the executive branch. Defense technologists can experiment with frontier models under the OTA, while civilian staff at agencies ranging from the Department of Energy to the Social Security Administration can test more mature versions of the same underlying technology for tasks like drafting policy memos, summarizing public comments, or triaging cybersecurity alerts.
What the contracts do not say
Neither agreement specifies which OpenAI model the government intends to use for cyber defense. The DoD notice references “frontier AI capabilities” but names no product, version number, or technical architecture. Whether the $200 million covers a single large language model, a suite of specialized tools, or a custom system engineered for classified networks remains undisclosed in the public record.
The timeline is equally opaque. Prototype OTAs can run for years before producing fielded technology, and the contract summary includes no delivery milestones. Without those markers, outside observers have no way to gauge whether the work is early-stage experimentation or close to operational readiness.
On the civilian side, the GSA listing creates a procurement pathway but not an automatic deployment. Each agency must still complete its own security review and obtain an authority to operate before plugging ChatGPT into sensitive workflows. The Office of Management and Budget’s 2024 memoranda on federal AI governance, including M-24-10, require agencies to designate chief AI officers, conduct impact assessments, and implement safeguards before deploying AI in rights- or safety-impacting scenarios. Those requirements will shape how quickly any department can move from purchase order to live use.
Security risks that come with the opportunity
Embedding a commercial AI product inside government networks introduces attack surfaces that did not previously exist. Researchers have documented techniques such as prompt injection, where a carefully crafted input tricks a language model into ignoring its instructions, and data poisoning, where adversaries corrupt training data to skew outputs. The MITRE ATLAS framework, a publicly available catalog of adversarial tactics against AI systems, lists dozens of such methods that could be turned against government deployments.
If a defense analyst relies on an AI tool to summarize threat intelligence and an adversary manipulates the model’s output, the consequences could range from a missed warning to a misdirected response. No public assessment from the DoD or GSA has addressed how the government plans to audit model behavior, red-team deployments before they go live, or handle situations where AI-generated analysis proves inaccurate in high-stakes settings.
Gregory Allen, director of the Wadhwani Center for AI and Advanced Technologies at the Center for Strategic and International Studies, has noted in public commentary that the speed of federal AI adoption is outpacing the development of testing and evaluation infrastructure. That gap is not unique to OpenAI’s contracts, but the scale of these deals makes it more consequential.
The competitive landscape
OpenAI is not operating in a vacuum. Microsoft, which has invested billions in OpenAI and hosts its models on Azure, already holds a share of the Joint Warfighting Cloud Capability contract that underpins much of the Pentagon’s cloud infrastructure. Palantir Technologies has deep roots in defense and intelligence analytics. Anthropic, maker of the Claude family of models, has pursued its own federal certifications. Google Cloud has expanded its public-sector division aggressively.
What distinguishes the OpenAI deals is their combination of dollar size and distribution breadth. The $200 million OTA is among the largest single AI prototype contracts the Defense Department has disclosed, and the GSA listing potentially puts ChatGPT on the desks of hundreds of thousands of federal employees. No other AI vendor currently has both a nine-figure defense prototype contract and a government-wide discount catalog listing running simultaneously.
That dual positioning gives OpenAI institutional momentum, but it also concentrates risk. If a vulnerability in OpenAI’s models were exploited, the blast radius would span both military prototypes and civilian agency workflows. Diversifying across vendors is a standard risk-management practice in federal IT, and some cybersecurity professionals have questioned whether the government is moving too fast toward a single provider.
What federal workers should watch for
Agency-level implementation guidance will determine how these contracts translate into daily practice. Chief information officers at each department will set access rules, acceptable-use policies, and data-classification requirements. The GSA’s catalog listing means procurement officers can begin placing orders now, but deployment timelines will vary widely depending on each agency’s risk tolerance and existing infrastructure.
For offices considering adoption, the practical first step is mapping specific use cases against internal risk frameworks. Document drafting, translation, and initial triage of security alerts are tasks where an AI assistant can augment human judgment without replacing it. Higher-stakes applications, such as threat assessment or incident response, will demand more rigorous testing and tighter human oversight before any agency is likely to approve them.
The $200 million question, literally, is whether the prototypes developed under the Pentagon contract will prove effective enough to justify the investment. That answer will emerge from classified testing that the public contract record, by design, will never fully reveal. For now, the federal government has placed its largest visible wager on commercial AI for national security. The returns remain unwritten.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
