Donald Gainsborough has spent decades deciphering the complex machinery of American governance, positioning himself as a primary authority on the intersection of legislative intent and executive action. As the head of Government Curated, he has navigated the shifting tides of policy through multiple administrations, witnessing firsthand how the strength of a federal office relies entirely on the caliber of its technical specialists. Today, we delve into the sudden instability within the Office of the National Cyber Director (ONCD), a critical agency currently facing a wave of high-profile departures. With senior advisers who possess deep intelligence backgrounds exiting the stage just as the White House attempts to implement a rigorous oversight plan for frontier AI models, Gainsborough provides a candid assessment of the friction between political leadership and the urgent technical demands of national security.
The following discussion explores the depletion of technical brainpower within the ONCD and the internal dynamics that have led to a visible dip in morale among the staff. We examine the transition from a hands-off regulatory approach to a more assertive safety-vetting system driven by the emergence of powerful models like Claude Mythos and GPT-5.5. Gainsborough also sheds light on the challenges of staffing a specialized agency when the leadership lacks a traditional cybersecurity background, and what this means for the future of digital infrastructure protection.
With several senior policy officials like Lind and Seymour leaving the administration so shortly after the release of the new executive order, how does this sudden loss of technical expertise compromise the implementation of AI oversight?
The departure of a figure like Lind is not just a standard personnel change; it represents a significant hollowing out of the intelligence-driven soul of our cyber defense apparatus. Lind brought a wealth of experience from his time at the NSA, which he left only last April to join the White House, and his fingerprints were all over the technical nuances of the current executive action. When you lose the very people who sat in the room with tech giants like Google and OpenAI to hammer out the details of digital infrastructure flaws, you lose the institutional memory required to hold those companies accountable. The timing is particularly precarious because the ONCD is now tasked with building a complex vetting system in just 60 days, a feat that requires precise technical leadership that is now in short supply. Without these seasoned experts, there is a palpable risk that the oversight plan will become a series of bureaucratic check-boxes rather than a robust defense against frontier models capable of unearthing software vulnerabilities.
The ONCD is currently operating with only about three dozen employees despite being authorized for seventy-five, so what are the long-term implications of trying to manage national cyber defense with such a skeletal crew?
Operating at less than 50 percent capacity is a recipe for systemic exhaustion, especially when the mission is as broad as overseeing the budgets and defense policies of the entire federal executive. Since the office was created in 2021, the goal was to have a centralized hub of expertise, yet we see a director confirmed in August 2025 who comes from a legal and political background rather than a technical one. This disconnect between a leadership focused on Republican National Committee-style executive management and a staff that needs to understand the deep-seated flaws in digital infrastructure creates a functional paralysis. When the chief of staff and their deputy also lack direct cybersecurity experience, the burden on the remaining technical staff becomes unbearable, which explains why morale has reportedly plummeted. You cannot protect banks, hospitals, and power grids from sophisticated state-backed operatives if your primary cyber office is struggling to keep the lights on and the desks filled.
What specific developments in the capabilities of models like Claude Mythos prompted the administration to move away from a laissez-faire approach toward a voluntary safety-vetting system?
The shift in strategy was largely catalyzed by a jarring realization in early April when Anthropic revealed that their new models were essentially becoming expert-level locksmiths for digital vulnerabilities. These frontier tools, including OpenAI’s GPT-5.5, demonstrated an alarming ability to find and potentially exploit holes in the digital infrastructure that underpins our modern economy. For a long time, the administration was content to let the private sector self-regulate, but the idea that the security of our entire national infrastructure hinged solely on the discretion of a few private companies became an untenable risk. This led to the creation of the 30-day pre-release review window, a directive intended to give the federal government a chance to vet these tools before they are released to the general public. It was a reactive pivot born out of the fear that if these models fell into the wrong hands, they could enable a barrage of cyberattacks that would overwhelm our existing defenses.
What is your forecast for the federal government’s ability to successfully secure the next generation of AI infrastructure?
My forecast for our AI infrastructure security is one of guarded concern, as the success of the current 60-day setup period for the new vetting system depends entirely on whether the ONCD can rapidly recruit 40 or more highly qualified technical candidates. We are currently witnessing a race between the rapid-fire release of frontier models and the slower, more cumbersome pace of federal hiring and policy implementation. While the White House spokesperson has publicly praised the current leadership, the internal reality suggests a desperate need for a technical “brain gain” to offset the recent exodus of intelligence veterans. If the administration cannot bridge the gap between political loyalty and technical proficiency by the time the next major model is submitted for its 30-day review, the vetting process may lack the teeth necessary to actually identify and mitigate the risks posed by these advanced systems. Ultimately, the stability of our hospitals and financial institutions will depend on whether the ONCD becomes a robust technical powerhouse or remains a small office overwhelmed by the sheer scale of the technology it is supposed to govern.
