The European Commission has presented its Action Plan on Cybersecurity and AI, a mandate that requires mandatory pre-market security evaluations and third-party risk assessments for advanced AI software before it can be placed on EU markets. The plan puts frontier AI not as a consumer product requiring labelling and transparency disclosures – which is the EU AI Act’s primary approach – but as an active security risk requiring inspection before deployment.
This distinction holds weight for software vendors. Consumer product regulation asks you to describe what your product does and disclose its limitations. Security evaluation asks whether your product can be exploited, what vulnerabilities it introduces into the systems it connects to, and whether it has been assessed by a qualified third party before it goes on sale. These are different compliance requirements, and for most software vendors operating in the EU, the cybersecurity evaluation pipeline is a new layer that didn’t previously apply to software products.
Mapping The Action Plan’s Mandates
The Action Plan’s mandatory elements cover two main areas. Pre-market security evaluations require vendors to assess their AI systems against defined security criteria before launch, covering vulnerability to adversarial inputs, robustness against manipulation and resistance to data poisoning. Third-party risk assessments apply to vendors whose AI products interact with critical infrastructure, government services or high-risk applications – requiring an independent auditor’s sign-off over self-certification.
The plan integrates with existing EU cybersecurity architecture. The Cyber Resilience Act – which entered into force in late 2024 – already established mandatory security requirements for connected products throughout their lifecycle – while the Cybersecurity Act created the ENISA certification framework. By embedding AI-specific security requirements into that existing structure rather than creating a separate regulatory silo – the AI Action Plan means that compliance teams at software companies must assess their products against a layered set of requirements – instead of a single rulebook.
The categories of software most directly affected are those classified as high-risk under the EU AI Act – AI systems used in employment, education, critical infrastructure management, law enforcement or access to essential services – and AI systems that interact with or are implemented within critical infrastructure as defined under the NIS2 directive. General-purpose AI models with significant capability thresholds also fall within scope. Consumer-facing products like productivity tools, creative applications or recommendation systems are less directly affected unless they cross the high-risk use case thresholds.
More from Cybersecurity
- The Most Active Ransomware Group: Who Are The Gentlemen?
- Hackers Are Using AI Vibe Coding To Build Custom Malware
- Why Cybersecurity’s Talent Gap Refuses To Close
- Can You Trust Your Staff To Spot A Sophisticated Phishing Email?
- Certs, Degrees or Bootcamps: The Real Roadmap Into Remote Cybersecurity
- Britain’s Museums Are Sitting Ducks For Cyber Attacks And The Government Has No Plan To Fix It
- Utilities Face Mounting Cyber Pressure From Ageing Systems And Unpatched Infrastructure
- Hackers Used A Small Business’s Own Server To Spam 9 Million People With A Fake Boots Survey
Navigating Compliance In Practice
The primary compliance challenge is the third-party assessment requirement. Self-certification – where a vendor assesses its own product against a checklist and signs a declaration of conformity – has been the standard model for most software regulation. Third-party assessment requires engaging an accredited conformity assessment body, preparing documentation sufficient for external review and potentially making architectural or security changes based on the findings. That’s a different order of cost and timeline than standard CE marking or GDPR compliance preparation.
The assessment bodies that will conduct these evaluations are being designated under the existing ENISA and national cybersecurity certification frameworks. Vendors will need to identify which body has competence for their product category in the relevant member state and factor the assessment timeline into their launch planning. Waiting for assessment to clear before launch is a real constraint for companies used to iterative software deployment.
For UK software vendors selling into the EU – the post-Brexit reality is that UK conformity assessment bodies are not automatically recognised for EU certification purposes. Vendors may need to engage an EU-based assessment body or pursue mutual recognition arrangements for their specific product category. This is the same issue that UK manufacturers face for CE marking under the Cyber Resilience Act, and the practical effect is an additional step in the compliance process for UK-origin products entering the EU market.
What Does This Development Signal?
The Action Plan is the clearest signal that the EU is moving toward treating advanced AI software as infrastructure rather than as software-as-a-service. Infrastructure gets regulated before it goes live, assessed by third parties and subject to ongoing obligations that don’t end at the point of first sale. This represents a fundamentally different regulatory relationship than the one software vendors have historically operated under.
The timeline for full implementation of the mandatory requirements isn’t set out in a single hard deadline – different elements come into force as the underlying legislation matures. The Cyber Resilience Act’s requirements apply from 2027 for most products. The AI Act’s phased implementation runs through 2026 and 2027. The Action Plan overlaps with both – requiring vendors to map their specific product categories against both frameworks to determine which requirements apply and on what timeline.
For software vendors with AI features on their roadmaps, building compliance preparation into product development is a necessity rather than a pre-launch checklist. The assessment process for a complex AI system will take months and the findings may require architectural changes that are cheaper to make early. The EU market is large enough that most serious vendors won’t walk away from it. The cost of preparing for a compliance pipeline you didn’t anticipate is higher than the cost of planning for one you knew was coming.
