When the US Department of Commerce suspended access to Anthropic’s Fable 5 and Mythos 5 models in June 2026, European organisations defending critical infrastructure lost access to AI systems they had come to depend on, with approximately 90 minutes’ notice. They had no recourse, no alternative process, and no prior warning. Brussels noticed. The Action Plan on Cybersecurity and Artificial Intelligence, published by the European Commission on July 7, 2026, is in significant part the EU’s institutional response to what that episode revealed: that the bloc’s cybersecurity posture is now partially contingent on decisions made in Washington.
The plan is not new legislation. It is a structured implementation framework that layers on top of the AI Act, the Cyber Resilience Act, NIS2, DORA, and the Cyber Solidarity Act. What it adds is a coordinated programme of action: a third-party AI model evaluation capacity, a blueprint for secure access to advanced AI systems, a secure testing platform, and a competition-like EU Grand Challenge to grow European AI cybersecurity capabilities from within.
KEY DEVELOPMENTS
- The European Commission published its Action Plan on Cybersecurity and Artificial Intelligence on July 7, 2026, structured around three pillars: safe use of advanced AI, strengthening cyber resilience against AI-driven threats, and building European AI leadership in cybersecurity.
- The plan establishes a EU evaluation capacity to assess advanced AI models for cybersecurity risks before they reach the EU market, expected to be operational by 2027, underpinned by the AI Act’s general-purpose AI model requirements taking effect August 2, 2026.
- ENISA and the Commission’s Joint Research Centre will build a secure testing platform for AI cybersecurity capabilities by Q4 2026, and a European Blueprint for structured access to advanced AI systems will be published by Q4 2026.
- The plan was directly triggered by the June 2026 Anthropic Fable 5 and Mythos 5 export control episode, which exposed the EU’s dependency on US government decisions for access to the frontier AI models its own critical infrastructure relies on.
What the Action Plan Contains
The official European Commission plan is organised around three objectives. The first is promoting the safe and responsible use of advanced AI: here the Commission will build EU evaluation capacity to assess frontier AI models for cybersecurity risks before they enter the EU market, in line with the AI Act’s general-purpose AI model requirements that take effect on August 2, 2026. That evaluation capacity is expected to be operational by 2027 and will strengthen third-party assessment independent of the companies developing the models. The second objective is strengthening EU cybersecurity against AI-driven threats: ENISA and the Joint Research Centre will create a secure European platform to test AI for cybersecurity, including in simulated environments, by the end of 2026. ENISA will separately publish guidelines, recommendations, and best practices for AI-driven cyberattack defence from Q3 2026. The third objective is building European technological leadership: the EU will launch an EU Grand Challenge on AI for cybersecurity to generate European-developed solutions, while continuing to invest in AI Factories and future Gigafactories as sovereign AI infrastructure.
The Commission and ENISA will together develop a European Blueprint for structured access to advanced AI capabilities for cybersecurity purposes by Q4 2026. The Blueprint will define which categories of organisations — EU institutions, national authorities, critical infrastructure operators, cybersecurity providers, research bodies — can access the most capable AI systems, on what terms, and with what oversight. That last piece is the most commercially sensitive element of the plan: it implies the Commission expects to define conditions for EU organisations to access US-developed frontier models without depending on those providers’ unilateral decisions about who gets access and when.
The Anthropic Trigger: Why This Plan Landed in July
The Agence Europe bulletin published four days before the action plan noted the direct link explicitly: the plan was developed in the wake of the US export control restrictions imposed on Claude Fable 5 and Mythos 5, and subsequently on GPT-5.6. The suspension of Fable 5 in June 2026 revealed that Mythos 5, which Project Glasswing partners were using for authorised security research and critical infrastructure defence, could be taken offline by a US government decision with no EU recourse. That exposure is precisely what the Blueprint for structured access is designed to address in the long term: European organisations should not be entirely dependent on the commercial and geopolitical decisions of non-European AI developers for access to the tools their own cybersecurity operations require.
Executive Vice-President Henna Virkkunen, responsible for Tech Sovereignty, Security and Democracy, framed the threat landscape in terms that make the dependency problem concrete. Advanced AI models “can now build cyber exploits in minutes or hours at a fraction of the cost of vulnerability discovery by trained humans.” That capability is simultaneously what makes frontier AI valuable for defensive cybersecurity and what makes it dangerous in the wrong hands. The same model that helps a European bank’s security team patch vulnerabilities faster than any previous tool can, if accessed without guardrails, help a threat actor find those vulnerabilities first.
The Mechanism: Layering on Existing Law
AI Act General-Purpose AI Model Rules
The AI Act’s general-purpose AI model requirements — which apply to models above a compute threshold that covers virtually all current frontier systems — come into full effect on August 2, 2026, less than a month after this action plan was published. Those requirements include systemic risk assessment obligations for the most capable models, transparency requirements, and cooperation obligations with the AI Office. The action plan’s new evaluation capacity is designed to give the AI Office the independent technical expertise to actually assess what providers submit, rather than taking company-conducted evaluations at face value. That is a structural improvement on the current state, in which leading AI labs including OpenAI and Anthropic have preferred to work with the UK AI Security Institute for evaluations precisely because the UK body holds no regulatory authority.
The Structured Access Blueprint
The structured access concept is the most strategically significant element of the plan and the most technically complex to implement. It requires defining which European organisations get access to which AI capabilities, under what conditions, with what monitoring and oversight, and through what legal mechanism — in a situation where the underlying models are owned by non-European companies subject to their own governments’ export control regimes. The agentjacking vulnerabilities documented in AI coding agents illustrate the security surface that structured access must navigate: allowing cybersecurity organisations to run frontier AI in authorised red-team scenarios requires giving those agents meaningful system access, which simultaneously creates new attack surfaces if the access controls are not correctly designed. ENISA’s role in developing the Blueprint will require it to produce guidance that is technically precise enough to be operationally useful rather than aspirationally vague.
Reactions: The Honest Critique
The plan’s most pointed criticism came from Euronews, which noted that Brussels has “little to offer beyond recommendations and an attempt to negotiate early access with US AI companies.” That is a fair characterisation of the gap between the plan’s ambition and its current deliverables: what was published is a coordinated set of intentions, not a funded procurement programme with named contractors and binding timelines. The Commission has not attached specific budget figures to the evaluation capacity, the testing platform, or the Grand Challenge. The structured access Blueprint commits to defining conditions for model access but does not specify what happens when US providers refuse those conditions or when a US government export control decision overrides any negotiated access arrangement.
Dutch MEP Bart Groothuis offered the sharpest characterisation of the threat the plan is responding to: “Your software and IT systems will be tested by hackers, aided by the latest AI models. Hackers will operate at the speed of light and will try to put you out of business.” That framing is operationally accurate and captures why the timing of the action plan — concurrent with the Geneva AI governance dialogue and with the AI Act’s August enforcement date — is not coincidental. European regulators are trying to build implementation infrastructure for a threat environment that is moving faster than any previous regulatory cycle has been designed to handle.
What Happens Next
The August 2, 2026 AI Act enforcement date for general-purpose AI model requirements is the most immediate landmark. Frontier model providers serving EU customers will face their first formal compliance obligations, and the AI Office will begin its supervisory role. The Commission has committed to launching the call to increase EU evaluation capacity shortly after that date. By Q4 2026, both the secure testing platform and the European Blueprint for structured access should be published. The EU Grand Challenge on AI for cybersecurity will be launched on a timeline the plan does not specify precisely but which observers expect to align with the next European Cybersecurity Month in October. The second meaningful test is whether the Blueprint for structured access produces an actual framework that US AI providers will accept, or whether it becomes a paper standard that the market ignores because providers have no legal obligation to comply with EU access terms so long as they are not operating regulated systems inside the EU.
Why It Matters
The EU Action Plan on Cybersecurity and Artificial Intelligence matters most for what it makes explicit rather than what it immediately delivers. It establishes formally that the European Commission views AI-driven cybersecurity threats as a category of risk that requires its own coordinated regulatory response, distinct from general AI safety regulation. It connects that response to the EU’s sovereignty concern about dependence on non-European AI models. And it sets a Q4 2026 deadline for the most operational pieces — the evaluation capacity, the testing platform, the structured access blueprint — that will determine whether this plan is the beginning of an enforceable EU AI security framework or another policy document that moves faster than the institutions designed to implement it.
Sources
European Commission official press release and action plan (commission.europa.eu, digital-strategy.ec.europa.eu), July 7, 2026. Euronews, July 7, 2026. Agence Europe Bulletin, July 4, 2026 (preview). EU AI Act official framework page (digital-strategy.ec.europa.eu).