AI GovernancePolicy ExplainerJul 13, 2026, 10:26 PM· 4 min read

EU Unveils July 2026 Action Plan to Fund Pre-Market Safety Evaluation of Advanced AI Models

The European Commission has launched a comprehensive framework to evaluate frontier AI models for cybersecurity risks before they hit the market, aiming to protect critical infrastructure while fostering innovation.

By Factlen Editorial Team

European Policymakers 40%Cybersecurity Defenders 35%AI Model Developers 25%
European Policymakers
Argue that state-backed, structured evaluation of frontier AI is necessary to protect critical infrastructure and ensure digital sovereignty.
Cybersecurity Defenders
Emphasize that AI is accelerating threat timelines, making advanced defensive AI tools essential for survival.
AI Model Developers
Focus on the technical challenges of standardizing safety tests for non-deterministic systems and the compliance burden of pre-market evaluations.

What's not represented

  • · Open-Source AI Maintainers
  • · Non-EU Tech Startups

Why this matters

As AI accelerates the speed at which cyber vulnerabilities are exploited, this action plan provides the technical machinery and funding to ensure that advanced models defend European networks rather than arming attackers.

Key points

  • The European Commission launched a non-legislative Action Plan to build the technical infrastructure for evaluating advanced AI models.
  • The plan responds to AI-accelerated cyber threats, where vulnerabilities are now exploited an average of seven days before patches are released.
  • By the end of 2026, ENISA and the JRC will launch a secure sandbox platform to conduct pre-market red-teaming on frontier models.
  • The framework provides the enforcement machinery for the EU AI Act's general-purpose AI rules, which take effect in August 2026.
  • The Commission is also funding a 'Grand Challenge' to spur the development of sovereign European AI defense tools.
−7 days
Average time to vulnerability exploitation
August 2, 2026
AI Act GPAI enforcement date
2027
Target for full EU evaluation capacity

On July 7, 2026, the European Commission unveiled a sweeping Action Plan on Cybersecurity and Artificial Intelligence, aiming to systematically evaluate the safety of advanced AI models before they reach the open market.[1][3]

Detailed in press release IP/26/1544, the framework is not a new piece of legislation. Instead, it serves as the technical and financial machinery required to enforce the landmark EU AI Act, whose rules for general-purpose AI (GPAI) become enforceable on August 2, 2026.[2][4]

Executive Vice-President Henna Virkkunen positioned the plan as a necessary evolution in European defense, noting that AI is fundamentally changing the nature of cybersecurity. The initiative is designed to ensure that frontier AI models serve as shields for European infrastructure rather than weapons for adversaries.[2]

The urgency behind the Action Plan stems from a stark shift in the cybersecurity landscape. According to analysis highlighted by CERT-EU, the average time between a software vulnerability becoming public and its first real-world exploitation has dropped to "minus seven days."[2]

AI has accelerated threat timelines, allowing attackers to weaponize vulnerabilities before patches are available.
AI has accelerated threat timelines, allowing attackers to weaponize vulnerabilities before patches are available.

This negative interval means that threat actors, increasingly armed with generative AI, are weaponizing flaws before software vendors can even ship a patch. Modern AI systems can ingest a vulnerability description and output a working exploit in minutes, fundamentally breaking traditional patch-management timelines.[2]

To counter this, the first pillar of the Action Plan focuses on pre-market safety evaluation. By 2027, the Commission intends to build a dedicated, EU-level capacity to stress-test advanced models specifically for cybersecurity risks before they are deployed.[3][5]

This evaluation process will rely heavily on a secure testing platform, slated to launch by the end of 2026. Developed jointly by the European Union Agency for Cybersecurity (ENISA) and the Joint Research Centre (JRC), the platform will provide a controlled sandbox environment.[1][2][4]

Within this sandbox, regulators and independent auditors will conduct rigorous "red-teaming"—simulated cyberattacks designed to probe a model's safeguards. Evaluators will test whether a model will refuse to write malicious code, or conversely, if it can be easily jailbroken to assist in ransomware deployment.

The Action Plan establishes a secure sandbox for regulators to red-team models prior to deployment.
The Action Plan establishes a secure sandbox for regulators to red-team models prior to deployment.
Within this sandbox, regulators and independent auditors will conduct rigorous "red-teaming"—simulated cyberattacks designed to probe a model's safeguards.

Beyond restricting malicious use, the Action Plan also seeks to empower defenders. The Commission, alongside ENISA, is drafting a "European Blueprint" for structured access to advanced AI models.[1][5]

This blueprint will guide how public and private organizations—ranging from national cyber agencies to critical infrastructure operators in energy and transport—can securely access frontier models to automate their own threat detection and incident response.[4]

The framework also includes contingency measures to guarantee that European defenders retain access to critical AI models even if a commercial provider attempts to restrict access during a geopolitical crisis. Commercial partnerships are already adapting, with major developers expanding dedicated cyber-defense access to European institutions under the new framework.[5][6]

The second and third pillars of the plan focus on ecosystem preparation and scaling Europe's domestic capabilities. To stimulate the local market, the Commission is launching the "Grand Challenge on AI for Cybersecurity," a funding competition designed to spur European startups and researchers to build sovereign AI defense tools.[1][2]

This push for sovereignty is critical. Relying entirely on foreign-developed AI models for national cybersecurity introduces supply-chain risks. By funding local innovation, the EU hopes to leverage its existing infrastructure, including its network of "AI Factories" and upcoming supercomputing gigafactories.[1]

The Action Plan intersects with several existing directives, creating a unified regulatory net. It complements the Cyber Resilience Act, which mandates secure-by-design hardware and software by late 2027, and the NIS2 Directive, which imposes strict risk-management requirements on critical sectors.[1][3]

The Action Plan provides the technical machinery for the EU AI Act's upcoming enforcement deadlines.
The Action Plan provides the technical machinery for the EU AI Act's upcoming enforcement deadlines.

For AI developers, the Action Plan provides much-needed clarity. While the EU AI Act mandates that providers of high-risk systems mitigate foreseeable risks, the new plan outlines exactly how those risks will be measured and who will do the measuring.[4]

However, the mechanism of pre-market evaluation introduces inherent uncertainties. AI models are non-deterministic; they do not produce the exact same output every time. Designing standardized tests that reliably certify a model as "safe" remains an unsolved scientific challenge.

Furthermore, the line between a defensive cybersecurity tool and an offensive weapon is notoriously thin. A model capable of identifying a vulnerability in a company's network to patch it is equally capable of finding that vulnerability to exploit it.

Regulators face the challenge of evaluating models that can be used both defensively and offensively.
Regulators face the challenge of evaluating models that can be used both defensively and offensively.

As the August 2026 enforcement date for the AI Act's GPAI provisions approaches, the European Commission is racing to operationalize this framework. The success of the Action Plan will determine whether Europe can harness the defensive power of AI while keeping its most dangerous capabilities out of the hands of threat actors.[4]

How we got here

  1. March 2024

    The European Parliament formally adopts the EU AI Act, establishing the world's first comprehensive legal framework for artificial intelligence.

  2. June 2026

    The Council of the EU approves the 'Digital Omnibus' amendments, clarifying implementation details for the AI Act.

  3. July 7, 2026

    The European Commission publishes the Action Plan on Cybersecurity and Artificial Intelligence.

  4. August 2, 2026

    The EU AI Act's obligations for providers of general-purpose AI (GPAI) models become legally enforceable.

  5. Late 2026

    Target launch date for the secure AI testing platform developed by ENISA and the Joint Research Centre.

  6. 2027

    The EU expects to have full, dedicated capacity to evaluate advanced AI models for cybersecurity risks pre-deployment.

Viewpoints in depth

European Policymakers

Argue that state-backed, structured evaluation of frontier AI is necessary to protect critical infrastructure and ensure digital sovereignty.

For European regulators, the Action Plan is a necessary bridge between the abstract rules of the AI Act and the physical reality of securing a continent. Policymakers argue that leaving the safety testing of frontier AI models entirely to the private sector is an unacceptable risk, especially when those models will be integrated into critical energy, transport, and financial networks. By building a sovereign testing capacity through ENISA and the JRC, the EU aims to ensure that safety standards are dictated by public interest rather than corporate timelines. Furthermore, the push for a 'European Blueprint' for model access reflects a deep-seated desire for digital sovereignty, ensuring that Europe is not cut off from vital defensive tools during geopolitical crises.

Cybersecurity Defenders

Emphasize that AI is accelerating threat timelines, making advanced defensive AI tools essential for survival.

Security professionals view the Action Plan through the lens of an escalating arms race. With the average time to vulnerability exploitation dropping to 'minus seven days,' defenders argue that human analysts can no longer keep pace with AI-automated attacks. For this camp, the most crucial aspect of the Commission's plan is not the restriction of dangerous models, but the structured access to defensive ones. They advocate for rapid deployment of the secure testing platform so that verified defenders can utilize frontier AI for automated patch validation, malware analysis, and threat hunting without being blocked by overly broad safety filters.

AI Model Developers

Focus on the technical challenges of standardizing safety tests for non-deterministic systems and the compliance burden of pre-market evaluations.

While AI companies generally welcome regulatory clarity, the technical community points out the immense scientific difficulty of the Commission's mandate. Developers argue that AI models are inherently non-deterministic, meaning they do not produce the exact same output for a given input every time. Designing a standardized 'red-teaming' sandbox that can definitively certify a model as safe is currently an unsolved problem in computer science. Furthermore, developers warn that the dual-use nature of cyber AI—where the ability to find a vulnerability to fix it is identical to the ability to exploit it—means that overly rigid pre-market evaluations could inadvertently ban the very tools needed to secure European networks.

What we don't know

  • How regulators will scientifically standardize safety tests for AI models, given that generative systems are inherently non-deterministic and produce variable outputs.
  • Whether the pre-market evaluation bottleneck will delay the deployment of crucial defensive AI tools to European infrastructure operators.
  • How the EU will enforce these evaluations on open-source models whose weights are freely distributed online.

Key terms

Pre-Market Safety Evaluation
The process of testing and auditing a product—in this case, an AI model—for potential risks and vulnerabilities before it is allowed to be sold or deployed to the public.
Red-Teaming
A cybersecurity practice where independent experts simulate cyberattacks against a system to identify flaws, bypass safeguards, and test its defenses.
General-Purpose AI (GPAI)
Advanced AI models, like large language models, that are trained on massive amounts of data and can perform a wide variety of tasks rather than being designed for one specific function.
ENISA
The European Union Agency for Cybersecurity, responsible for achieving a high common level of cybersecurity across Europe.
Zero-Day Vulnerability
A software flaw that is unknown to the vendor and has no patch available, meaning defenders have 'zero days' to fix it before it can be exploited.

Frequently asked

Is the Cybersecurity and AI Action Plan a new law?

No. It is a non-legislative policy framework that provides the funding, infrastructure, and technical mechanisms needed to enforce existing laws, primarily the EU AI Act.

When do the AI Act's rules for general-purpose AI take effect?

The general-purpose AI (GPAI) provisions of the EU AI Act become enforceable on August 2, 2026.

What is the 'minus seven days' exploitation window?

It refers to a cybersecurity trend where attackers, often aided by AI, weaponize and exploit software vulnerabilities an average of seven days before the software vendor can release a security patch.

Who will conduct the pre-market safety evaluations?

The evaluations will be conducted within a secure testing platform developed jointly by the European Union Agency for Cybersecurity (ENISA) and the Joint Research Centre (JRC), with full capacity expected by 2027.

Sources

Source coverage

6 outlets

3 viewpoints surfaced

European Policymakers 40%Cybersecurity Defenders 35%AI Model Developers 25%
  1. [1]European CommissionEuropean Policymakers

    Commission presents EU Action Plan on Cybersecurity and Artificial Intelligence

    Read on European Commission
  2. [2]Decent CybersecurityEuropean Policymakers

    The European Commission has published its Action Plan on Cybersecurity and Artificial Intelligence

    Read on Decent Cybersecurity
  3. [3]VerdaioCybersecurity Defenders

    Commission Launches EU Cybersecurity and AI Action Plan: Four Pillars Under AI Act and NIS2

    Read on Verdaio
  4. [4]The Leveraged YearsAI Model Developers

    EU Action Plan on Cybersecurity and AI

    Read on The Leveraged Years
  5. [5]YutoriAI Model Developers

    Commission Action Plan on Cybersecurity and AI

    Read on Yutori
  6. [6]EdTech Innovation HubCybersecurity Defenders

    OpenAI expands GPT-5.5 cyber defense access to Europe through new EU action plan

    Read on EdTech Innovation Hub
Stay informed

Every angle. Every day.

Get technology stories with full source coverage and perspective breakdowns delivered to your inbox.