Anthropic and AE Studio have introduced GRAM, a new technique that promises surgical control over dual-use knowledge in AI models, potentially enabling an 'off switch' for sensitive capabilities without retraining multiple models [1]. This approach could reshape how enterprises and regulators think about AI risk, but early results raise questions about scalability, entanglement, and real-world deployment. With 53% of organizations citing privacy and security as top GenAI adoption challenges, the stakes for robust, flexible safeguards have never been higher, according to Futurum Group's 1H 2026 AI Platforms Decision Maker Survey (n=820).
What is Covered in this Article
- Anthropic and AE Studio's GRAM method for modular, removable dual-use knowledge in AI models
- Enterprise and regulatory implications for AI risk management and compliance
- Technical and operational risks of modular knowledge controls at frontier model scale
- Competitive and policy context: how OpenAI, Google, and Microsoft might respond
The News: Anthropic, in collaboration with AE Studio, has published research on GRAM (Gradient-Routed Auxiliary Modules), a new method for giving AI models dedicated, removable compartments for dual-use knowledge such as cybersecurity or virology [1]. Instead of filtering data or training separate models for each risk profile, GRAM allows developers to toggle specific knowledge domains on or off by adding and removing targeted modules. Early experiments show that removing a module effectively erases the associated capability, with little impact on general performance. However, GRAM has not yet been tested at frontier scale or in production pipelines, and the researchers caution that some dual-use knowledge may be too entangled to isolate cleanly. The work comes as enterprises face growing pressure to balance AI innovation with security and regulatory compliance.
Can Anthropic's GRAM 'Off Switch' Make Dual-Use AI Safer Without Killing Utility?
Analyst Take: GRAM represents a potential leap in AI safety engineering, offering a path to granular, dynamic control over what powerful models can and cannot do. If proven at scale, this could shift the balance of power in AI governance, enabling both enterprises and regulators to demand more precise risk controls. But the path from lab demo to production reality is filled with technical, operational, and policy hurdles.
Why Granular Knowledge Controls Are Now a Boardroom Issue
Enterprises are under mounting scrutiny to prevent AI misuse, especially as models absorb vast dual-use knowledge. According to Futurum Group's 1H 2026 AI Platforms Decision Maker Survey (n=820), 53% of organizations cite privacy and security as top GenAI adoption challenges, just behind reliability and hallucination management at 55%. Existing safeguards, such as refusal training and output classifiers, are increasingly seen as brittle—determined attackers routinely bypass them. GRAM's promise is surgical: enable trusted users to access sensitive capabilities while denying them to others, all without retraining or degrading model utility. For CISOs and compliance leaders, this could mean moving from blunt, one-size-fits-all controls to context-aware, auditable AI deployments. But unless GRAM can be proven robust against sophisticated jailbreaks and adversarial fine-tuning, its value will remain theoretical.
The Scalability and Entanglement Dilemma
The GRAM experiments show that modular knowledge can be toggled on or off in models up to 5 billion parameters, but Anthropic admits the technique hasn't been validated at true frontier scale [1]. As models grow larger and knowledge domains become more interconnected, the risk is that dual-use knowledge cannot be cleanly separated from general capabilities. Some safety researchers argue that the most dangerous knowledge is precisely the kind that's deeply entangled with general reasoning. If so, the 'off switch' may not work where it matters most. Meanwhile, operationalizing GRAM at scale would require new governance processes, audit trails, and deployment architectures. Competitors such as OpenAI, Google, and Microsoft are likely to pursue their own approaches, but the industry lacks standardized benchmarks for modular knowledge removal. Until these gaps close, the technique may be limited to niche, high-assurance deployments.
Implications for Enterprise AI Risk and Regulatory Strategy
If GRAM or similar methods mature, enterprises could gain new flexibility in deploying powerful models across regulated and unregulated environments. Today, most organizations rely on output filters and user access controls, which are easy to misconfigure or evade. Modular knowledge controls could enable dynamic, context-driven AI governance: for example, enabling advanced cybersecurity reasoning only for vetted security teams, or disabling sensitive bioinformatics in public-facing applications. With 78% of organizations expecting to increase AI budgets in the next year, but only 10% or less of tech budgets currently allocated to AI, according to Futurum Group's 1H 2026 AI Platforms Decision Maker Survey (n=820), the pressure to demonstrate both innovation and risk mitigation is intensifying. Regulators may soon demand proof that dual-use capabilities can be reliably disabled. Vendors that can offer verifiable, flexible controls will have a strategic advantage—but only if they can deliver without undermining model performance or trust.
What to Watch
- GRAM at Scale: Will Anthropic or a competitor demonstrate modular knowledge controls in a frontier-scale production model within 12 months?
- Regulatory Adoption: Will regulators in the US, EU, or Asia mandate modular knowledge controls for high-risk AI deployments?
- Jailbreak Arms Race: Can modular controls withstand adversarial attacks and fine-tuning, or will attackers find new bypasses?
- Enterprise Buy-In: Will large enterprises demand modular knowledge controls as a standard feature in AI procurement by 2027?
Sources
1. An off switch for dual use knowledge in AI models, Anthropic, July 2026
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Read the full Futurum Group Disclosure.
Other Insights from Futurum:
Trust in AI Companies Hits Rock Bottom in America
Claude Partnership: Enterprise AI Standard
Will Anthropic’s Draft S-1 Ignite a New Phase in the AI Platform Race?
Author Information
This content is written by a commercial general-purpose language model (LLM) along with the Futurum Intelligence Platform, and has not been curated or reviewed by editors. Due to the inherent limitations in using AI tools, please consider the probability of error. The accuracy, completeness, or timeliness of this content cannot be guaranteed. It is generated on the date indicated at the top of the page, based on the content available, and it may be automatically updated as new content becomes available. The content does not consider any other information or perform any independent analysis.

