The deferral trap: Compounding risk and AI adoption governance

May 5, 2026

By David Mussington and Hugo Holopainen

For many institutions, the responsible posture toward AI adoption still sounds like restraint: move slowly, study the risks, wait for governance frameworks to mature, and avoid deploying capabilities faster than oversight can absorb them. One of us wrote the white paper "The Deferral Trap: Compounding Risk and AI Adoption Governance" to scrutinize that presumption and to argue that this instinct is understandable, but incomplete.

The paper does not dismiss the risks of AI adoption. It starts from the opposite premise: AI systems can be opaque, difficult to govern, and dangerous when deployed in high-stakes contexts without accountability. The paper challenges a quieter assumption embedded in much of today's AI skepticism: that waiting is safe.

That assumption no longer holds. In a deteriorating cyber threat environment, deferral is not neutral. Every month an institution delays its own governed AI adoption is also a month in which adversarial capability continues to mature, defensive expertise fails to accumulate, and the gap between what attackers can do and what defenders can govern grows wider.

Read Dr. Mussington's "The Deferral Trap" white paper here.

The core question: Is caution still conservative?

Caution has a cost, and that cost compounds. Traditional AI risk calculations often compare adoption against a stable baseline: The organization can wait, preserve optionality, and adopt later once the rules are clearer. This baseline is not a safe and stable assumption.
Critical-infrastructure operators are already facing sustained adversarial pressure from state-linked actors, communications systems have already been compromised at scale, operational technology environments are already being targeted for disruption, and frontier AI capabilities are already compressing the time required to find and exploit vulnerabilities.

As such, besides asking "What are the risks of adopting AI?", another question must also be asked: "What are the risks of not adopting governed AI fast enough?" A genuinely conservative posture is not indefinite restraint. It is accelerated governed adoption: moving quickly enough to keep pace with the threat environment, while building accountability into the architecture from the start.

What the baseline actually looks like

The argument is grounded in a blunt assessment of the current operating environment. Volt Typhoon demonstrated that PRC-linked actors were not merely stealing information; they were pre-positioning inside U.S. critical infrastructure networks for potential disruptive or destructive action. Salt Typhoon showed the communications layer itself could be penetrated at extraordinary scale, including systems tied to lawful intercept. Iranian-linked operations against internet-exposed industrial control systems showed that operational technology disruption is not theoretical. Anthropic's Claude Mythos Preview marked a new threshold in AI-enabled cyber capability: a model capable of autonomously identifying and exploiting serious vulnerabilities across major software environments.

Together, these describe the environment in which AI governance decisions are now being made. That environment is not stable. It is already compromised, contested, and accelerating. For defenders, this changes the risk calculation. If adversaries are integrating advanced capabilities more quickly than institutions can build defensive expertise, then delay does not preserve safety.

How deferral compounds risk

There are several ways institutional skepticism can become a risk multiplier.

First, deferral widens the capability gap. Adversaries do not wait for public-sector governance cycles, procurement reviews, or organizational consensus. They adopt useful capabilities on timelines driven by advantage. By delaying, defenders may not be moving backward, but they are falling behind.

Second, deferral delays expertise formation. Governed AI adoption requires people who understand both the technology and the mission environment well enough to evaluate outputs, detect failures, challenge assumptions, and design functional oversight. That expertise is built through use and iteration.

Third, deferral reduces institutional influence over standards. The governance frameworks that will shape AI use in critical infrastructure, cyber defense, and national security are being formed now. Institutions that stay on the sidelines are not avoiding the governance problem; they are allowing others to define it.

The result is a trap: Organizations wait because they want to adopt responsibly, but waiting too long erodes the very capacity required for responsible adoption.

Governed adoption is the alternative

We ought to be careful not to replace one oversimplification with another. The answer to the deferral trap is not reckless deployment, but governed adoption. AI systems should be integrated into institutional workflows only with accountability structures that make their use auditable, reviewable, and subordinate to human judgment.

Several principles make this possible:
Human authority by design: Human judgment should be structurally required before consequential outputs are produced or acted upon.
Provenance at the claim level: Analytical outputs should be traceable back to the source material, reasoning steps, and human judgments that produced them. Without that chain, speed easily becomes liability.
Data sovereignty as an architectural constraint: Sensitive missions require architectures that do not force institutions to externalize protected materials into environments they cannot control.
Audit independence: Records of what was ingested, generated, reviewed, and approved should survive system changes, personnel turnover, and operational failures.

In a worsening threat environment, ungoverned deferral may be the more dangerous posture.

Implications for institutional leaders

The practical takeaway for policymakers, critical infrastructure leaders, and security executives is to change how delays are counted, not to "move fast" in the abstract. AI governance strategies should explicitly account for the cost of inaction. That means asking which defensive functions are falling behind, which teams are failing to develop hands-on governance expertise, which standards processes are moving without the institution's voice, and which adversarial capabilities are likely to mature while internal adoption remains stalled.

The message is especially relevant for organizations that have treated AI as an enhancement to existing defensive posture. In the Mythos-class capability environment, AI-enabled offense is becoming the norm, and defense is becoming the minimum viable posture. The conservative question, therefore, is whether organizations can afford to keep deferring governed adoption while adversaries do not.

David Mussington

Dr. David Mussington is a Fellow of the Institute for Critical Infrastructure Technology (ICIT) and Co-Chair of ICIT’s Center for FCEB Resilience. Additionally, he is a Professor of the Practice at the University of Maryland’s School of Public Policy.
Prior to rejoining UMD in January of 2025, David served as the Executive Assistant Director for Infrastructure at the Cybersecurity and Infrastructure Agency, US Department of Homeland Security. At CISA, David was one of three Presidentially appointed officials charged with implementing the nation’s critical infrastructure security and resilience strategies and plans across 16 critical infrastructures. He also led interagency efforts on counter- and anti-terrorism, playing a leading role in reducing the risks of domestic targeted violence and in school safety and physical infrastructure security standards. He was also a founding member of CISA’s Cyber Safety Review Board.

David has extensive public and private sector experience in cyber and infrastructure security. He was selected for the Senior Executive Service and assigned to the Office of the Secretary of Defense in the role of Senior Advisor for Cyber Policy, later joining the NSC staff as Director for Surface Transportation Security Policy. As a researcher at RAND Corporation and later at the Institute for Defense Analyses, David directed cybersecurity studies for the Department of Homeland Security (DHS), the Office of the Director of National Intelligence (ODNI), the Federal Communications Commission, the Bank of Canada, and NATO.

David has a PhD in Political Science from Canada’s Carleton University, and MA and BA degrees from the University of Toronto. He undertook postdoctoral study at Harvard’s Belfer Center, and at the UK’s International Institute for Strategic Studies. In 2021, David was elected a life member of the Council on Foreign Relations. In 2023, David was awarded Homeland Security Today’s Mission Award for contributions to the US Critical Infrastructure Security and Resilience mission. In 2024, he received the 2024 Impact Award from the Institute for Critical Infrastructure Technology (ICIT) for leadership in critical infrastructure policy and strategy.
David was selected in 2021 as a life member of the Council on Foreign Relations.

Hugo Holopainen

Hugo researches the intersections of cybersecurity, aerospace, critical infrastructure (CI), emerging technology, and defense. As a Senior Associate at Gray Space Strategies, he leads research on technology, cyber, and CI security, federal budgets, and defense-industrial dynamics for the advisory and the Institute for Critical Infrastructure Technology (ICIT). He draws on experience with the Defense-Industrial Initiatives Group at CSIS, analyzing acquisitions, funding, emerging technology, and illicit tech transf