A view from Brussels: EU tackles AI and cyber

A view from Brussels: EU tackles AI and cyber

A view from Brussels: EU tackles AI and cyber

https://iapp.org/news/a/a-view-from-brussels-eu-tackles-ai-and-cyber

Publish Date: 2026-07-09 12:10:00

Source Domain: iapp.org

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. “(Artificial intelligence) is transforming the meaning of cybersecurity. And we must keep pace,” Executive Vice-President of the European Commission for Technological Sovereignty, Security and Democracy Henna Virkkunen said as she presented the commission’s EU Action Plan on Cybersecurity and Artificial Intelligence Tuesday. The action plan is a direct response to unprecedented cybersecurity capabilities of the latest AI models, that also change the “economics of malicious actors,” she explained. It follows suit with recent declaration from the G7 Cybersecurity Working Group to strengthen global digital resilience. It also builds on a call to action from the Five Eyes cybersecurity agencies: AI undeniably accelerates the sophistication of cyber threats at unpresented scale and speed. The AI cyber action plan therefore reflects a growing reality for digital governance teams: AI-enabled cyber shock is already prompting them to use AI automation to triage and remediate against cyberthreats, to list cyberattacks and third-party vendors management among top digital risks, and to improve efficiencies between trust, governance and security across the business. The IAPP’s Navigate: Digital Risk Index 2026 attests to the significance of risks related to nation-state or sponsored cyberattacks, espionage and warfare on one hand, and AI technologies as accelerating or compounding risks on the other. The European Commission is accelerating three priorities. First, AI models with high cyber capability deployed in Europe must be safe. AI Act enforcement will play a role to ensure providers establish appropriate safeguards against misuse including in the cyber domains. Brussels will also launch a call to step up evaluation capacity of AI models by 2027 and strengthen know-how to deploy advanced AI models for Europe’s own cybersecurity. Second, the Commission wants to identify and fix critical vulnerabilities faster. That means full implementation of the NIS2 Directive, Digital Operational Resilience Act and the Cybersecurity Resilience Act “now,” insisted Virkkunen.  Third, Virkkunen wants to build Europe’s own AI-powered cyber capabilities. In addition to talent, infrastructure and financing remain a huge challenge but a crucial one to Europe’s sovereignty strategy. During the parliamentary debate following Virkkunen’s presentation, members of Parliament from across the political spectrum largely supported the action plan. They showed that cyber and AI require a whole-of-EU approach, across rules, capability building, innovation policy, public procurement and even diplomacy.Several interventions reflected clearly how this issue plays into the broader, hotter political debate agitating Brussels. There is broad adherence to the need to solidify Europe’s digital sovereignty, including by creating demand domestically via public procurement rules. But whether that then demands deregulation or to double down on efficiently implementing and enforcing existing rules seems to still divide MEPs.