AI and Cybersecurity: The EU’s New Action Plan for Digital Resilience

Artificial intelligence is rapidly transforming the cybersecurity landscape. While advanced AI systems can help organisations detect vulnerabilities, prevent attacks and respond to incidents more efficiently, the same technologies can also be exploited by malicious actors to automate cyber operations and increase their speed, scale and sophistication.

To address this dual challenge, on 7 July 2026 the European Commission presented the EU Action Plan on Cybersecurity and Artificial Intelligence. The initiative sets out a coordinated European approach to supporting the safe and responsible use of advanced AI while strengthening the resilience of Europe’s digital infrastructure. Its objective is not only to manage the risks created by advanced AI models, but also to ensure that Europe can use these technologies to reinforce its cybersecurity capabilities and technological sovereignty.

 

Three priorities for European action

The Action Plan is structured around three complementary objectives:

  1. promoting the safe and responsible use of advanced AI;
  2. reinforcing the EU’s cybersecurity and resilience;
  3. scaling up Europe’s AI capabilities for cybersecurity.

Together, these priorities bring risk management, regulatory implementation and innovation support into a common European framework.

 

From risk management to innovation

Among the proposed measures, the Commission plans to improve the evaluation of advanced AI models and develop secure environments for testing AI-based cybersecurity solutions. Particular attention will be given to critical sectors such as energy, transport, healthcare, finance and public administration, where cyber incidents can have major economic and societal consequences.

The Action Plan will also support the use of AI to identify and address vulnerabilities more rapidly, complementing existing EU legislation including the AI Act, the NIS2 Directive, the Cyber Resilience Act, the Cyber Solidarity Act and the Digital Operational Resilience Act (DORA).

 

Opportunities for researchers and companies

The initiative is particularly relevant for Europe’s research and innovation community. Among the planned measures is an EU Grand Challenge on AI for cybersecurity, a European competition designed to bring together researchers, companies and other stakeholders to develop innovative solutions to emerging cyber threats. Secure testing facilities may also help universities, start-ups, SMEs and public authorities assess AI technologies before deploying them in real operational environments.

The Action Plan also contributes to the EU’s broader ambition to strengthen its technological sovereignty. Continued investment in AI Factories, future AI Gigafactories and European cybersecurity solutions could create new opportunities for research collaboration, technology testing and market development.

 

Looking ahead

As artificial intelligence becomes increasingly integrated into essential services and digital infrastructure, cybersecurity will need to evolve alongside it. The Action Plan marks a further step in Europe’s cybersecurity strategy, addressing emerging risks while using AI to strengthen prevention, detection and response capabilities.

The coming implementation phase will therefore be crucial in determining whether the Action Plan can turn its strategic ambition into practical results and contribute to a more secure and resilient European digital ecosystem.

 

For further information, click here.