EU Action Plan on Cybersecurity and Artificial Intelligence
The European Commission has presented an Action Plan on Cybersecurity and Artificial Intelligence to support the safe and responsible use of AI while strengthening Europe's cybersecurity. Artificial intelligence (AI) is rapidly transforming the cybersecurity landscape. AI offers significant opportunities to improve vulnerability detection, prevent cyberattacks and strengthen the protection of critical infrastructure. At the same time, malicious actors can also leverage AI to automate attacks, identify weaknesses and conduct cyber operations at unprecedented speed and scale.
Building on the European Union’s existing legal framework for AI and cybersecurity, the European Commission has introduced an Action Plan to support Member States, businesses and public authorities in safely and responsibly benefiting from AI, while addressing the new risks it introduces.
The Action Plan focuses on three key objectives:
- Promoting the safe and responsible use of advanced AI
- Strengthening Europe’s cybersecurity and digital resilience
- Expanding Europe’s AI capabilities for cybersecurity
To encourage the secure use of advanced AI, the European Commission aims to strengthen Europe’s ability to evaluate AI models before they are introduced to the European market, in line with the AI Act. In addition, the Commission will work together with the European Union Agency for Cybersecurity (ENISA) to develop a European framework for secure access to advanced AI systems for cybersecurity purposes. This includes establishing a secure testing platform that enables organisations in critical sectors, such as energy, transport, healthcare, finance and public administration, to safely test and deploy AI solutions.
Strengthening Europe’s cyber resilience
The Action Plan also reinforces Europe’s cybersecurity by supporting the implementation of existing cybersecurity legislation, including the NIS2 Directive and the Cyber Resilience Act. Organisations are encouraged to make use of AI, including open-source models where appropriate, to detect and address vulnerabilities more quickly and improve their ability to prevent, respond to and recover from cyberattacks.
To strengthen Europe’s technological leadership, the European Commission will launch an EU-wide challenge on AI for cybersecurity, bringing together companies, researchers and other stakeholders to develop innovative AI-driven cybersecurity solutions. Europe will also continue investing in sovereign AI capabilities through initiatives such as AI Factories and future Gigafactories, while encouraging private investment to support the growth of European AI technologies.
Working together towards a secure digital future
The Action Plan complements the EU’s existing legal framework for AI and cybersecurity, including the AI Act, the Cyber Resilience Act, the NIS2 Directive, the Digital Operational Resilience Act (DORA) and the Cyber Solidarity Act.
By bringing together European institutions, Member States, industry, researchers, open-source communities and international partners, the Action Plan aims to ensure that Europe can fully benefit from the opportunities offered by AI while remaining resilient against emerging cybersecurity threats.