The European Commission’s Joint Research Centre (JRC) has published a report on Cybersecurity of Artificial Intelligence in the AI Act.  

The report focuses on the cybersecurity requirement for high-risk AI systems, as set out in Article 15 of the European Commission’s proposal for the AI Act. It presents a high-level analysis in the context of the rapidly evolving AI landscape, and provides a set of key guiding principles to achieve compliance with the AI Act. 

The main focus of the report is on the security risk assessment that should be conducted to ensure compliance. This risk assessment would identify risks, and implement the necessary mitigation measures.  

The report concludes that while AI systems may still achieve compliance with the AI Act’s cybersecurity requirement as long as their cybersecurity risks are effectively mitigated through other measures not exclusively deployed at AI model level, this may not always be possible. For some high-risk AI systems, using emerging AI technologies, it may not be feasible to achieve compliance with the cybersecurity requirement of the AI Act. 

The solutions developed in the AI4CYBER aim to respect European fundamental values and principles, including the AI Act once it enters into force.  

You can find the report here.