Skip to content
Menu
Menu

EU Launches Cybersecurity Plan For Advanced AI Threats

The Commission says advanced AI could help attackers find weaknesses and automate cyberattacks, forcing Europe to rethink how it tests and defends critical systems.

 

The European Commission released a new Action Plan on Cybersecurity and Artificial Intelligence, warning that advanced AI could make cyberattacks faster, larger, and easier to automate.

The plan treats advanced AI as both a cybersecurity tool and a cybersecurity risk. The Commission said AI can help detect vulnerabilities, prevent attacks and protect critical infrastructure. But it also warned that malicious actors can use the same technology to find weaknesses, automate attacks and carry out cyber operations at greater speed and scale.

“AI is transforming the meaning of cybersecurity. And we must keep pace,” said Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy. She said the goal is to turn advanced AI into a tool for stronger cyber defense while limiting its use by attackers.

 

What the plan does

The plan lays out several steps for managing advanced AI in cybersecurity.

First, the Commission said it will create a process for independent experts to test advanced AI models before they enter the EU market, giving the AI Office outside assessments of what those models can do and what risks they may create.

Second, the Commission said it will work with the European Union Agency for Cybersecurity (ENISA), the EU’s cybersecurity agency, to set rules for giving trusted public agencies, researchers and companies controlled access to advanced AI systems for cybersecurity testing and defense.

Third, ENISA and the Commission’s Joint Research Centre will create a secure testing platform for AI cybersecurity tools. The platform will use simulated environments so organizations can test AI systems safely before using them in sensitive settings.

The Commission said the testing effort will focus on critical sectors, including energy, transport, health, finance, and public administration.

 

Critical infrastructure

The plan also tells organizations not to treat AI as a substitute for basic cybersecurity. The Commission said companies and public agencies should first strengthen core defenses, including risk management, secure system design, and incident response.

Once those basics are in place, the Commission said organizations should use available AI tools, including open-source models where appropriate, to identify software weaknesses more quickly and improve cyber defense.

The European Union Agency for Cybersecurity (ENISA) will support that work with guidance and best practices. The Commission also said ENISA will work to secure critical open-source software, though it did not provide details on what that will entail.

 

Europe’s AI cyber capacity

The Commission said it will launch an EU Grand Challenge on AI for cybersecurity, a competition-style program meant to bring companies, researchers and other organizations together to build AI-powered cyber defense tools.

The plan also says Europe will need more computing power, AI infrastructure and investment to build those tools, instead of relying entirely on technology developed elsewhere.

 

The plan builds on existing EU rules, including the AI Act.

Clayton Rifkind

Clayton Rifkind is the Founder and Senior Editor of AI Risk Today. He also advises on content development for esgtoday.com, a leading source of ESG investment news and research for institutional investors and corporate leaders. He has 20+ years experience in B2B technology marketing, leading strategy and execution of go-to-market plans across software, enterprise platforms, and mobile applications. He also founded two marketing consultancies, advising startups and Fortune 1000 companies, including Autodesk, Intel, and Microsoft. Clayton began his career in the San Francisco advertising scene, working with brands such as Hewlett-Packard, Intel, Microsoft, Symantec, and Wells Fargo.

Essential AI Risk Intelligence

Daily insights on AI governance, regulation, and enterprise risk management. Trusted by Chief Risk Officers and compliance leaders globally.

By subscribing, you agree to receive our daily newsletter. Unsubscribe anytime.

Advertise with AI RIsk Today, Today!