Musk's xAI flaunts lax attitude on security, seeks top secret government contracts
Elon Musk's artificial intelligence company is seeking to expand its work for the government, including securing contracts involving the country's most sensitive national security information.
xAI is currently hiring at least five roles related to government work. For two of those roles, a facility security officer and an analyst, xAI requires applicants to have an active Top Secret or Top Secret/Sensitive Compartmented Information (TS/SCI) clearance, indicating that some of the work would involve highly sensitive national security issues. Job listings for xAI's three other government roles state that applicants with Top Secret clearances are preferred.
For most government personnel, the highest standard of security clearance is Top Secret. This level permits access to classified material that, if revealed improperly, could pose a grave threat to national security. TS/SCI is an additional designation under the broader Top Secret clearance.
xAI has relaxed cybersecurity and safety protocols, which appear to fall short of federal requirements for vendors handling sensitive data.
The company does not have a dedicated AI safety team, but instead employs a "safety advisor," Dan Hendrycks, who is paid an annual salary of $1. In December 2024, Hendrycks submitted responses to an AI safety survey on behalf of xAI, stating that the company had not obtained ISO 27001 compliance certification. Developed by the International Organization for Standardisation, ISO 27001 is an industry standard for safeguarding information security, aimed at reducing the likelihood of data breaches and ensuring regulatory compliance.
Hendrycks noted in the FLI AI Safety Index 2024 survey that xAI does not report adverse events, security breaches, or cybersecurity threat intelligence information to relevant governments.
His cavalier responses to the survey questions underscore the company’s hands-off approach to AI safety. One of the survey questions asked if there is an internal audit team tasked with overseeing management practices at xAI. “I, Dan, look around and go to random meetings to see what’s going on," responded Hendrycks, who is also a safety advisor for Scale AI.
When asked, "Does your company have one or more internal bodies that review deployment decisions related to highly capable AI models? This might be an ethics board or other body with a responsibility/safety related mandate," Hendrycks replied: "Not E's style," apparently referring to Musk. The survey was created by the Future of Life Institute, a nonprofit advised by Musk that claims to steer AI technologies "away from extreme, large-scale risks and towards benefiting life."
xAI did not respond to a request for comment.
The firm's role in U.S. national security has been in the making for months.
In July, shortly after one of xAI's Grok chatbot models repeatedly praised Adolf Hitler, the Pentagon announced that it had awarded xAI a contract to "address critical national security challenges" and develop "agentic AI workflows." (Agentic AI refers to programs that are designed to operate and make decisions autonomously.)
xAI structured the defense contract, which is worth up to $200 million, through a shell company called AIQ Phase LLC. "Under this award, the performer will develop prototype frontier AI capabilities to address critical national security challenges… across warfighting and enterprise domains," reads a Department of Defense (DOD) bulletin on the xAI contract, which notes that the work has an estimated completion date of July 2026.
In August, xAI was also named as an approved vendor with the General Services Administration, the agency responsible for government-wide procurement services. This arrangement allows other federal agencies and departments to purchase several versions of xAI's Grok products through the GSA's online marketplace.
The company's deal with the GSA has shed additional light on its security standards. xAI has adopted the National Institute of Standards and Technology's (NIST) "800-171 Rev.3 framework as a baseline for our internal security standards," the company stated in its June 2025 enterprise customer agreement with the GSA. The NIST is an agency of the Department of Commerce.
While NIST 800-171 Rev.3 offers guidelines for government contractors to secure their data and infrastructure, it is not relevant when it comes to handling top-secret information. Instead, it is meant only to protect "Controlled Unclassified Information," or "sensitive information that does not meet the criteria for classification but must still be protected. It is Government-created or owned UNCLASSIFIED information that allows for, or requires, safeguarding and dissemination controls in accordance with laws, regulations, or Government-wide policies."
xAI job postings suggest the company plans to perform government work involving Top Secret information. But it is unclear whether the company has the security protocols in place to safeguard Top Secret data appropriately.
You can count on muskrat not having the security protocols in place. Why? Because he doesn't give a shit about our security. The more our security is at risk, the better for him. The rift between him and cheeto is a sham. He will continue to get gov contracts and because he is now so embedded, a new admin wont even be able to get rid of him. Muskrat is far worse than anyone in the current admin. All of the billionaires are far worse than we could imagine. Epstein.
This (Oligarch Watch) is a good exercise in "Freedom of Speech"!
God Bless It!