EC Presents EU Action Plan on Cybersecurity and AI

EC Presents EU Action Plan on Cybersecurity and AI
Depositphotos

The European Commission has presented an Action Plan for a structured response to address the risks and harness the opportunities of advanced AI models for cybersecurity. Building on the EU's unique legal framework for AI and cybersecurity, the Action Plan will bring together Member States, industry, and EU-level organisations to strengthen the cybersecurity of our digital landscape against the vulnerabilities posed by advanced AI.

Effective security requires a thorough understanding of how new technologies can be used, misused, and exploited. Under the AI Act, advanced AI models must be evaluated and mitigation measures carefully assessed before they are placed on the EU market. To foster homegrown expertise, the EC will launch a dedicated call to establish an EU evaluation capacity, covering cybersecurity, expected to be operational in 2027. This new capacity will contribute to the regulatory function of the AI Office by strengthening global third-party assessment of AI capabilities and risks.

Europe also needs clear and transparent conditions for accessing the most advanced AI systems. The EC will work with the EU Agency for Cybersecurity (ENISA) to define a European blueprint for structured access to advanced AI capabilities for cybersecurity. This guidance will support relevant European public and private organisations in gaining access to advanced AI models. ENISA and the Commission's Joint Research Centre will create a secure platform to test AI for cybersecurity, including using simulated environments. This will bring know-how on the safe use of AI to operators in critical sectors, such as finance, energy, health, transport and the public administration.

”AI is transforming the meaning of cybersecurity. And we must keep pace. The EU has strong foundations in place to adapt its response in the face of vulnerabilities that emerging tech brings with it. We must harness and focus existing capabilities, networks and the legal framework to fortify the cybersecurity protecting our digital landscape,” said Henna Virkkunen, EC EVP for Tech Sovereignty, Security, and Democracy.