Defense NDAA June 19, 2026 · 5 min read

The Senate Wants AI Vendors Held to the Same Insider-Threat Rules as Cleared Defense Contractors

Buried in the Senate Armed Services Committee's fiscal 2027 National Defense Authorization Act — released this week after a June 10 closed-door markup — is a provision that should change how every AI vendor and defense contractor thinks about governance. The Senate bill would establish insider-threat reporting requirements for major artificial intelligence companies that do business with the Pentagon.

In the committee's framing, the rules are aimed at protecting DoD "systems, missions, personnel, operations, and supply chains from counterintelligence, security, and other national security risks." In plainer terms: the bill would bring major AI companies into the same fold as classified defense contractors, which are already required to maintain insider-threat programs and provide training to their employees.

Why a Reporting Mandate Becomes an Enforcement Problem

Insider-threat programs are not paperwork. For a cleared contractor, the program is an operational capability: detect anomalous behavior, monitor how sensitive information moves, and produce evidence when something goes wrong. Extending that obligation to AI companies — and, by extension, raising the bar for the contractors who deploy their tools — runs straight into a measurement gap that most organizations have not closed.

The gap is the AI session itself. An insider-threat program can monitor file movement, badge access, and email. It usually has no visibility into the moment an employee pastes controlled or proprietary information into a commercial AI assistant in a browser tab. That action leaves the organizational boundary instantly, and most insider-threat tooling never sees it.

This matters now because the Pentagon is leaning in, not pulling back. The provision arrives as DoD works with major AI model manufacturers to integrate the technology across its operations. The national-security stakes are already concrete: the Trump administration recently prohibited any foreign access to Anthropic's latest frontier model over national security concerns. AI is being adopted and restricted at the same time — and the control surface in between is what organizations are being asked to govern.

The Other Half of the Same Bill: CMMC

The insider-threat provision did not arrive alone. The same Senate bill proposes a CMMC grant program for small and nontraditional defense contractors — grants of up to $100,000 each, capped at $50 million in total, to offset the cost of a Level Two third-party assessment. If passed, DoD would have to stand up the program by July 1, 2027.

The timing is the point. DoD is ramping up CMMC Level Two requirements starting this November, and those requirements are expected to apply to tens of thousands of companies that handle controlled unclassified information (CUI). The grant money helps small contractors afford the assessment — but it does not change what gets assessed. Level Two evaluates whether a contractor protects CUI across its systems, and the AI tools employees use to draft, summarize, and analyze work are squarely inside that boundary.

So two provisions in one bill point at the same operational requirement from opposite directions: insider-threat reporting raises the expectation that organizations can see and govern risky AI usage, and CMMC raises the expectation that they can prove CUI stays protected when employees use AI tools.

Insider-Threat Controls Are Only Real If They Reach the Point of Use

The enforcement layer that satisfies both expectations sits between the user and the model. It is the layer that observes the AI session in real time, applies policy to what is about to be sent, blocks or redacts sensitive content before it leaves, and generates the audit trail an insider-threat reviewer or a CMMC assessor will ask for.

That layer is not the AI vendor's authorization boundary, and it is not a traditional DLP appliance watching files at rest. It is policy enforcement at the browser and proxy — the point where an employee actually interacts with ChatGPT, Claude, Gemini, or any other assistant.
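To make that enforcement step concrete, here is an added Python example of a point-of-send check that a browser extension or forward proxy could run on a prompt before it reaches the model. It is illustrative code written for this post, not Containment.AI's product code and not something the post describes; the detector set (a CUI banner pattern, an SSN pattern, and a constructed program label), the `enforce` and `audit_record` function names, and the choice to log a hash of the prompt rather than the prompt itself are all my assumptions.

```python
"""Point-of-send policy check for outbound AI prompts (illustrative, assumed design).

Assumes the browser/proxy layer hands us the prompt text before it is sent.
Policy is a small detector table; real deployments would load it from a
managed policy store and cover far more than these three patterns.
"""
import hashlib
import json
import re
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Tuple

# Detector name -> (pattern, rule). "block" stops the send entirely;
# "redact" replaces the match and lets the remainder through.
POLICY: Dict[str, Tuple[re.Pattern, str]] = {
    # Simplified CUI banner form such as "CUI//SP-CTI" (real markings vary).
    "cui_marking": (re.compile(r"\b(?:CUI|CONTROLLED)//[A-Z0-9/-]+"), "block"),
    # US SSN shape: 3-2-4 digits.
    "ssn": (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "redact"),
    # Constructed program label standing in for a contractor's own sensitive names.
    "program_codename": (re.compile(r"\bPROJECT[ _-]EXAMPLE\b", re.I), "block"),
}


@dataclass
class Decision:
    action: str                      # "allow", "redact", or "block"
    text: str                        # content cleared to forward ("" when blocked)
    findings: List[str] = field(default_factory=list)


def enforce(prompt: str, policy: Dict[str, Tuple[re.Pattern, str]] = POLICY) -> Decision:
    """Apply every detector to the original prompt and return what may be sent."""
    findings: List[str] = []
    action = "allow"
    text = prompt
    for name, (pattern, rule) in policy.items():
        if not pattern.search(prompt):       # detect against the untouched input
            continue
        findings.append(name)
        if rule == "block":
            action = "block"
        elif rule == "redact":
            text = pattern.sub(f"[REDACTED:{name}]", text)
            if action != "block":
                action = "redact"
    if action == "block":
        text = ""                            # nothing leaves on a block
    return Decision(action, text, findings)


def audit_record(user: str, destination: str, prompt: str, decision: Decision,
                 now: datetime = None) -> dict:
    """Build the evidence row a reviewer or assessor would ask for.

    The prompt is fingerprinted, not stored, so the audit log does not
    become another uncontrolled copy of whatever the user pasted.
    """
    now = now or datetime.now(timezone.utc)
    return {
        "ts": now.isoformat(),
        "user": user,
        "destination": destination,
        "action": decision.action,
        "findings": decision.findings,
        "prompt_sha256": hashlib.sha256(prompt.encode("utf-8")).hexdigest(),
        "prompt_chars": len(prompt),
    }


if __name__ == "__main__":
    # Constructed sample prompts an employee might paste into a chat assistant.
    samples = [
        "Write a haiku about Mondays",
        "Summarize: the customer SSN is 123-45-6789 and the invoice is late.",
        "CUI//SP-CTI Draft a summary of the attached test report",
    ]
    for p in samples:
        d = enforce(p)
        print(json.dumps(audit_record("alice", "chat.example.com", p, d)))
        print("  forward:", repr(d.text))
```

Two design points are worth noting. The detectors run against the original prompt while the redactions accumulate in a copy, so a later "block" rule cannot be hidden by an earlier redaction. And the audit row carries a SHA-256 of the prompt plus its length rather than the text, which lets a reviewer correlate a user's session with a known spill without the log itself holding CUI. Pattern matching like this is a floor, not a ceiling: much CUI carries no banner, so a production policy layer needs classifiers and data labels well beyond three regexes.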

Containment.AI operates at that layer. We monitor AI sessions, enforce CUI-sensitive policy rules at the moment of send, and produce the usage evidence that insider-threat programs and CMMC assessments increasingly require. The Senate bill is still a proposal, and DFARS has not been amended. But the defense industrial base has watched this legislative pattern before: the mandate lands, the requirements firm up, and the organizations that built the controls early are the ones ready when the auditors arrive.

