New advanced artificial intelligence (AI) models are fundamentally changing the field of cybersecurity. According to the executive body's statement, AI can be misused to detect vulnerabilities, automate attacks, and increase the scale and speed of cyber incidents to an unprecedented level.
EU Action Plan for Digital Space Protection
In response, the institution is developing an action plan that will unite member states, industry, and European organizations to strengthen the protection of the European digital space against vulnerabilities related to advanced AI. It also emphasizes the existence of a unified EU legal framework regarding artificial intelligence and cybersecurity.
Creation of European Assessment Systems
The plan provides for the creation of a European capability to assess AI models, including the area of cybersecurity. This system is scheduled to become operational in 2027, allowing for the independent evaluation of the capabilities and risks of artificial intelligence systems.
Collaboration and Technology Testing
The European Commission also intends to collaborate with the European Union Agency for Cybersecurity (ENISA) to develop guidelines. These guidelines should facilitate access for public and private organizations to advanced AI models used for digital defense. Furthermore, the creation of a secure platform for testing AI applications in cybersecurity using simulated environments, intended for critical sectors such as energy, healthcare, transport, finance, and public administration, is planned.
Support and Development of AI in the EU
The plan encourages organizations to utilize existing AI tools, including open-source models, to more quickly find and fix vulnerabilities, thereby improving the prevention and response to cyberattacks. Within this context, Brussels also announces the launch of the Grand European AI Contest for Cybersecurity, an initiative aimed at promoting European solutions in this field and bringing together companies, researchers, and organizations.
Legal Framework and Autonomy
The European Commission stresses the need for further EU investment in its own advanced artificial intelligence capabilities through infrastructures such as AI factories and future gigafactories, striving to strengthen Europe's technological autonomy. The European Union possesses a comprehensive legislative framework in the field of AI and cybersecurity, which sets rules for risk assessment, enhancing the protection of digital infrastructure, and ensuring greater security in the development and use of new technologies. This structure includes the AI Act, which requires the identification and mitigation of risks associated with advanced models; the NIS2 Directive, which strengthens the security of critical sectors such as energy and transport; the DORA Regulation, which increases the digital resilience of the financial sector; and a cybersecurity regulation introducing design-stage security requirements for hardware and software.
