Monday, 13 July 2026 PDT | 03:35 AM
The 1 News Alt Logo Text Smart News for Global Indians

EU Commission publishes Action Plan on Cybersecurity and Artificial Intelligence

AI News July 13, 2026 02:31 PM
EU Commission publishes Action Plan on Cybersecurity and Artificial Intelligence

EU Commission publishes Action Plan on Cybersecurity and Artificial Intelligence

On 7 July 2026, the EU Commission presented its Action Plan on Cybersecurity and Artificial Intelligence, setting out how the EU intends to manage the risks and harness the opportunities of advanced AI for cybersecurity.

The plan builds on the EU's existing legal framework (including the AI Act, the Cyber Resilience Act, the NIS2 Directive, DORA and the Cyber Solidarity Act) and sets out a coordinated approach to bring together Member States, industry and EU-level bodies around three objectives:

Promoting the safe and responsible use of advanced AI

Under the AI Act, advanced AI models must be evaluated, and mitigation measures assessed, before the models are placed on the EU market. To support this, the EU Commission will aim to launch a dedicated call to establish an EU evaluation capacity covering cybersecurity, expected to be operational in 2027. This new capacity would contribute to the regulatory function of the EU AI Office by strengthening third-party assessment of AI capabilities and risks.

The Commission also aims to work with the EU's cybersecurity agency (ENISA) to define a European Blueprint for structured access to advanced AI capabilities for cybersecurity purposes. This guidance is intended to help European public and private organisations gain access to the most advanced AI models. Additionally, ENISA and the Commission's Joint Research Centre will seek to create a secure platform to test AI for cybersecurity, including through simulated environments. Expected by the end of 2026, the platform would help organisations in critical sectors such as energy, transport, health, finance and public administration to safely test and deploy AI solutions.

Reinforcing the EU’s cybersecurity and resilience

The second part of the plan focuses on implementation rather than new rules. The Commission's stated priority is to help organisations identify and fix critical vulnerabilities faster. To do so, the EU Commission pushes for the full and effective implementation of existing EU cybersecurity legislation, namely the NIS2 Directive, DORA and the Cyber Resilience Act (which will be applicable by the end of 2027). It is worthwhile to note that the EU Commission has been particularly vocal on the urgency of NIS2 transposition across EU Member States. The plan also encourages organisations to use AI, including open-source models where appropriate, to detect and address vulnerabilities more quickly and to improve their ability to prevent and respond to cyberattacks

Scaling up the EU’s AI capabilities for cybersecurity

To stimulate the European Market, the EU Commission will launch an “EU Grand Challenge” on AI for cybersecurity. The competition aims to bring together companies, researchers and other organisations to develop innovative AI-powered cybersecurity solutions. The EU Commission, in its communication, also notes that the upcoming European Tech equity capacity, announced in the Tech Sovereignty Package, could help crowd in private investment to scale up homegrown AI capabilities.

What does this mean for UK industry?

While the EU Commission insists on a strong sovereignty framing for its plan, which could indicate potential sidelining of non-EU industries in certain parts of its implementation(and the opportunities that might arise from it), it remains understanding of the need to work with like-minded partners. Indeed, the final part of the Commission’s plan recognise this cybersecurity issue is a “shared challenge and international cooperation is essential”. The plan specifically highlights the need to engage and cooperate the G7, NATO, and the Network of Advanced AI Measurement, Evaluation and Science, coordinated by the UK AISI.

There are therefore encouraging signs that UK cybersecurity sector could be involved in the opportunities that arise from the plan and could therefore contribute to strengthening security and promoting interoperability of solutions between like-minded partners.

The EU Commission will now begin to roll out the actions announced in the plan, with the secure AI testing platform expected by the end of 2026 and the EU evaluation capacity due to be operational in 2027. We will continue to monitor these developments and their implications for members.

techUK will be organising a cyber focused delegation to Brussels in September. Registered members will be provided with the opportunity to directly ask relevant EU stakeholders questions on the EU’s cyber security plans.

If you are not a techUK member, you can still register for the delegation by first expressing your interest to sabina.ciofu@techuk.org before 15 August.