SecureBio

Quick Assessment

Overview

SecureBio is a 501(c)(3) nonprofit founded in 2022 by Kevin Esvelt, an MIT professor who invented CRISPR-based gene drive technology.¹ The organization works to protect against catastrophic pandemics—both natural and engineered—through a three-part framework: Delay dangerous capability proliferationRiskAI ProliferationAI proliferation accelerated dramatically as the capability gap narrowed from 18 to 6 months (2022-2024), with open-source models like DeepSeek R1 now matching frontier performance. US export contr...Quality: 60/100, Detect novel pathogens early, and Defend through physical and institutional interventions.⁸

The organization operates two main divisions. The AI & Biotechnology Risks team, led by Seth Donoughe, evaluates how AI systems might accelerate biological threats and develops benchmarks for AI labs. The Nucleic Acid Observatory (NAO), led by Jeff Kaufman, pioneers wastewater-based metagenomic surveillance to detect novel pathogens before they spread widely.⁶

SecureBio occupies a distinctive position in the biosecurity landscape by explicitly focusing on catastrophic and existential biological risks rather than routine public health threats. The organization also bridges the AI safety and biosecurity communities, recognizing that advances in AI could significantly lower barriers to creating engineered pathogens.⁵ See the Biosecurity Interventions overview for how SecureBio fits within the broader intervention portfolio.

History

Founding and Early Development (2022-2024)

SecureBio was founded by Kevin Esvelt, who brought credibility from his work on gene drive technology and his security-minded approach to biotechnology. Esvelt had previously argued that the "security mindset was not sufficiently present in most of the bioengineering industry."⁹

The organization quickly attracted funding from Coefficient GivingOrganizationOpen PhilanthropyOpen Philanthropy rebranded to Coefficient Giving in November 2025. See the Coefficient Giving page for current information., receiving multiple grants:

• $4,000,000 for general support over three years²
• $3,430,000 for the Nucleic Acid Observatory program³
• $1,420,937 for biosecurity research over three years⁴
• $570,000 for pathogen early warning systems¹⁰

Leadership Transition (2024-Present)

In September 2024, Kevin Esvelt stepped back from SecureBio's Board to focus on his MIT professorship and academic research, though he remains involved as a co-founder.¹¹ Dr. Benjamin Mueller, formerly COO, became Executive Director and Chairman of the Board.

The board was restructured with new members bringing diverse expertise:

• Christine Parthemore - CEO of Council on Strategic Risks, national security expert on WMD/CBRN threats
• Michael Specter - Staff writer at The New Yorker, science and public health journalist
• Liv Boeree - Science communicator and philanthropist¹¹

Core Framework: Delay, Detect, Defend

Delay

The Delay pillar focuses on slowing the spread of dangerous biological capabilities to potential bad actors. Key initiatives include:

SecureDNAOrganizationSecureDNAA Swiss nonprofit foundation providing free, privacy-preserving DNA synthesis screening software using novel cryptographic protocols. Co-founded by Kevin Esvelt and Turing Award winner Andrew Yao, ...Quality: 60/100: A legally separate Swiss nonprofit co-founded by Esvelt, providing free DNA synthesis screening software to prevent dangerous pathogen creation. The system can detect hazardous genetic sequences down to 30 base pairs.¹¹

AI Capability Restrictions: Working with AI labs to implement appropriate access controls for models that could assist with biological weapon development.⁵

Detect

The Detect pillar centers on early warning systems for novel biological threats:

Nucleic Acid Observatory (NAO): Uses untargeted metagenomic sequencing of wastewater to identify new and unknown pathogens—including those with extended incubation periods that evade symptom-based surveillance. As of November 2025, NAO monitors 31 sampling sites across 19 US cities and 5 US military facilities in the Indo-Pacific region, sequencing approximately 60 billion read pairs weekly.¹¹¹²

The approach is deliberately pathogen-agnostic, meaning it can detect threats regardless of whether they are natural, accidentally released, or deliberately engineered.¹

Defend

The Defend pillar develops physical and institutional measures to prevent infection and maintain societal resilienceAi Transition Model ParameterSocietal ResilienceThis page contains only a component reference with no visible content. Unable to assess any substantive material about societal resilience or its role in AI transitions.:

Far-UVC Research: Previously investigated germicidal ultraviolet light as a passive defense against airborne pathogens (currently inactive).⁸

Pandemic-Proof PPE: Advocated for improved personal protective equipment standards.⁸

AI & Biotechnology Risks Program

SecureBio's AI team has become increasingly prominent as concerns about AI-enabled bioterrorism have grown.

Virology Capabilities Test

The team developed the Virology Capabilities Test (VCT), a benchmark measuring AI models' ability to assist with complex virology tasks. A 2025 study using the VCT found that OpenAIOrganizationOpenAIComprehensive organizational profile of OpenAI documenting evolution from 2015 non-profit to commercial AGI developer, with detailed analysis of governance crisis, safety researcher exodus (75% of ...'s o3 model "outperformed 94 percent of expert virologists" on troubleshooting complex lab protocols, demonstrating an "urgent need for thoughtful access controls."¹³

The VCT is now used by major AI laboratories for pre-release safety evaluations.¹¹

NIST Engagement

SecureBio participates in the NIST US AI Safety Consortium and submitted formal recommendations including:⁵

• Ensuring the AI Risk Management Framework addresses biosecurity risks from foundation models
• Developing evaluations for CBRN risks including static benchmarks, model-graded evaluations, and task-based evaluations
• Assessing biological design tools (BDTs) that could lower barriers for non-experts

Collaboration with AI Labs

SecureBio collaborates with frontier AI companies including AnthropicOrganizationAnthropicComprehensive profile of Anthropic, founded in 2021 by seven former OpenAI researchers (Dario and Daniela Amodei, Chris Olah, Tom Brown, Jack Clark, Jared Kaplan, Sam McCandlish) with early funding... to build evaluation tools and mitigation strategies. Notably, former SecureBio Research Scientist Anjali Gopal, who co-led the AI project, moved to Anthropic's technical staff.⁶

Team and Organization

Current Leadership

Team Structure

Key researchers include Jasper Götting (Head of Research, AI team), Will Bradshaw (Head of Computational Programs, NAO), and James Kremer (Head of Laboratory Science, NAO).⁶

Notable Departures

• Kevin Esvelt - Stepped back September 2024 to focus on MIT professorship¹¹
• Anjali Gopal - Former AI Project Co-Lead, now at AnthropicOrganizationAnthropicComprehensive profile of Anthropic, founded in 2021 by seven former OpenAI researchers (Dario and Daniela Amodei, Chris Olah, Tom Brown, Jack Clark, Jared Kaplan, Sam McCandlish) with early funding...⁶

Funding

Major Grants

Operating Costs

The AI-Bio evaluation project alone costs approximately $700,000 per 6 months, covering team leads, policy scientists, contractors, and research assistants.¹⁴ As of early 2024, SecureBio was actively seeking additional funding to sustain operations.¹⁴

Criticisms and Concerns

Information Hazard Dilemma

SecureBio's work inherently involves dual-use knowledge—understanding how to defend against biological threats requires understanding the threats themselves. The broader biosecurity community remains divided on how to handle such information hazards.⁷

Some experts argue that emphasizing certain risks could "fuel threats rather than mitigate them"—citing how Al Qaeda's bioweaponsRiskBioweapons RiskComprehensive synthesis of AI-bioweapons evidence through early 2026, including the FRI expert survey finding 5x risk increase from AI capabilities (0.3% → 1.5% annual epidemic probability), Anthro...Quality: 91/100 efforts reportedly began after the United States publicly highlighted biosecurity vulnerabilities.⁷

SecureBio has been praised for being "mindful of information hazards" in its approach,⁹ but the tension between transparency and security remains unresolved in the field.

Scope Limitations

Evaluators have noted that SecureBio's expertise "concentrates on biological threats, not financial systems or weapons infrastructure vulnerabilities."¹⁴ The organization is not positioned to address all catastrophic risks.

Funding Dependence

Like many EA-aligned organizations, SecureBio relies heavily on Coefficient Giving funding. This concentration creates sustainability risks and potential influence concerns, though no specific issues have been raised.

Key Uncertainties

Relationship to AI Safety

SecureBio represents an important bridge between the biosecurity and AI safety communities. The organization's work on AI capability evaluations directly addresses concerns about AI misuse risksCruxAI Misuse Risk CruxesComprehensive analysis of 13 AI misuse cruxes with quantified evidence showing mixed uplift (RAND bio study found no significant difference, but cyber CTF scores improved 27%→76% in 3 months), deep...Quality: 65/100, specifically the potential for AI to lower barriers to biological weapon creation.

The fact that SecureBio staff have moved to AI labs (Anjali Gopal to Anthropic) and that AI labs use SecureBio's evaluation tools suggests meaningful knowledge transfer between these communities.

Sources