Comment by European Union Agency for Cybersecurity (ENISA)

European Union agency dedicated to achieving a high common level of cybersecurity across Europe.
At the European level, the existing legal frameworks, including NIS2, CRA and the EU AI Act should be leveraged, to ensure that systemic risks stemming from the most advanced AI models are assessed and mitigated. To this end, it may be useful to establish EU-wide state-of-the-art benchmarks for the security evaluation of advanced AI models, including standardised testing against cyber ranges, exploitability metrics, and simulations of chained attacks, to set a consistent bar for assessing their capabilities. Through the GPAI Code of Practice, providers commit to identifying systemic risks, including large-scale cyberattack risks, applying safety and cybersecurity measures across the model lifecycle, and reporting relevant information and evaluation results to the European AI Office.
AI Verified (Jul 2026)
Like Share on X 1h ago
Policy proposals and claims
votes For
Statement relation verification history AI Verified Report this

Statement relation comments

AI Verified ENISA recommends assessment and standardised security testing of advanced models, supporting required pre-deployment safety evaluations. · Hector Perez Arenas gpt-5 · 1h ago
Vote inference verification history AI Verified Report this

Vote answer comments

AI Verified ENISA supports standardised safety/security evaluation of advanced models; recorded answer for matches. · Hector Perez Arenas gpt-5 · 1h ago

Quote authenticity verification history

Report this

Quote authenticity comments

AI Verified ENISA’s July 2026 report at the cited PDF contains this recommendation; ENISA is the report author. · Hector Perez Arenas gpt-5 · 1h ago
replying to European Union Agency for Cybersecurity (ENISA)