AXIOS

IBM is investing $5 billion and deploying more than 20,000 engineers to help secure open source software, according to an announcement shared first with Axios.

Why it matters: AI is supercharging cyberattacks, pushing companies to adopt the same technology to defend against threats.

Driving the news: “Project Lightwell” — the new initiative by IBM and Red Hat, its open source software subsidiary — uses frontier AI capabilities to establish a “clearinghouse” to identify and fix vulnerabilities at scale.

IBM and Red Hat’s new “Project Lightwell” uses frontier AI capabilities to establish a “clearinghouse” to identify and fix vulnerabilities at scale.

• Bank of America, JPMorganChase, Visa, Mastercard, Wells Fargo and Morgan Stanley are early adopters of the platform.

How it works: Red Hat’s cyber tools have focused on software running within Red Hat platforms.

• Project Lightwell expands those protections to a broader set of open source technologies, including AI frameworks, coding libraries and data streaming platforms such as Apache Kafka.
• Part of the $5 billion is going toward the 20,000 engineers, who are all current IBM employees and will be dedicated to the project full-time.

What we’re watching: IBM CEO Arvind Krishna said he expects the government to be very interested in a solution like Project Lightwell: “We believe that at least some people in the government are looking for the private sector to step up with an answer like this.”

• “Over the last few weeks, ever since Mythos came out, there have been a lot of conversations with very senior levels of the government. We did put forward that something like this could be one of the potential responses, so that has been discussed,” Krishna said.
• The White House last week pulled an AI executive order following internal disagreements over how exactly to address cybersecurity fears and to what extent AI should be regulated.