05

Brussels turns the AI Act's cyber requirements into a market for evaluations and structured access

verifiedLegalRegulation

Thursday, July 9, 2026

Confidence

High · — regulator primary source with multi-outlet corroboration; funding figures and evaluation-capacity timeline unattached

Evidence

EU Commission primary + factsheet + MLex analysis

The European Commission presented its Action Plan on Cybersecurity and Artificial Intelligence on 7 July, operationalizing the AI Act's pre-market model-evaluation requirement rather than proposing new legislation.
  • MLex reports the plan will not be accompanied by new legislation; it enforces what is already on the books.
  • Under the AI Act, advanced AI models must be evaluated and their risks assessed before being placed on the EU market, and the Commission will help establish an EU evaluation capacity to strengthen third-party assessment, supporting the AI Office.
  • The Commission will work with ENISA to define a European blueprint for structured access to advanced AI capabilities, and ENISA and the Joint Research Centre will create a secure platform to test AI for cybersecurity — bringing know-how on safe AI use to operators in critical sectors.
  • The AI Act's general-purpose provisions start to be enforced on 2 August 2026.

Sources

Apply this today

The hands-on layer the brief points to: a workflow you can run, a tool to test, and today’s 60-second video.