Authors

Ryan Gutwein

Description

Artificial intelligence (AI) now supports nearly every domain of national power, from intelligence fusion and logistics to cyber defense and information operations. Unlike traditional defense systems, AI depends on a globally distributed supply chain spanning data, models, and compute. Other critical systems also rely on global supply chains, but AI is distinctive in its dependence on large-scale data, open-source software, and foreign-fabricated chips, each of which introduces distinct avenues for compromise.

The AI supply chain includes every stage of an algorithm’s lifecycle: data ingestion, labeling, model training, deployment, and post-deployment monitoring. Because these processes draw on open-source tools, commercial cloud services, and foreign-made chips, assurance gaps now extend across the entire stack.

Recent incidents highlight how these risks have shifted inside modern AI ecosystems. In 2024, researchers discovered malicious model payloads on open-source platforms such as Hugging Face and prompt-injection exploits targeting GitHub Copilot, demonstrating that compromise can begin with poisoned data or manipulated model weights, not just zero-day exploits.

The United States therefore faces a dual imperative: to preserve the openness that drives innovation while hardening the AI supply chain against adversarial manipulation. Achieving this balance requires an ecosystem that is verifiable, governable, and resilient.

Publication Date

1-22-2026

DOI

https://doi.org/10.5038/TZLJ6645

Securing the AI Supply Chain: Safeguarding U.S. Advantage in the Age of Generative AI