AI in cybersecurity

Artificial intelligence is rapidly changing the cybersecurity landscape, offering new ways to detect threats and strengthen defences, but also introducing fresh risks. This article is part of ARISA’s series exploring how AI is transforming different sectors. Here, we take a closer look at its impact on cybersecurity — from the benefits and challenges to the EU’s role through the AI Act and the Cyber Resilience Act. We also touch on how AI is shaping the cybersecurity workforce, opening new opportunities while revealing key skill gaps.

Benefits of AI in cybersecurity

According to the European Parliament’s brief on artificial intelligence and cybersecurity, AI has been introduced at a rapid pace into our daily lives. It not only influences the digital landscape but also affects personal data security and national defence strategies, making cybersecurity more critical than ever. Cybersecurity is therefore essential for ensuring AI systems are reliable and resilient, extending beyond protection from attacks to include trustworthiness features such as human oversight and robustness, as mandated by the EU’s AI Act for high-risk systems.


The advertised use cases fall into four categories:

  • Detection – AI can enable cybersecurity professionals to enhance and scale their threat detection efforts.
  • Prediction – AI systems are capable of predicting threats and risks.
  • Analysis – AI technologies are able to analyse code and classify malware.
  • Threat mitigation – AI-powered solutions automate incident response, accelerating response times. They can prioritise threats, detect patterns, and help predict future attacks.

Current threats

The 2024 ENISA Report on the State of Cybersecurity in the Union shows that the probability of AI disrupting or enhancing cyberattacks has risen, an unsurprising trend given the widespread attention on large-scale AI applications and the growing focus on the ethical use of newly released and emerging AI models.

The IBM report highlights that at the present moment, prompt injections are a major security vulnerability because these attacks can exploit LLMs, enabling hackers to spread malware and misinformation, steal sensitive data, and even take control of systems and devices.
Prompt injections require little technical knowledge. Just as LLMs can be programmed with natural-language instructions, they can also be manipulated using plain English. 

Common effects of prompt injection attacks include: 

  • Prompt leaks: Hackers trick LLMs into revealing system prompts, which can then be used to craft more effective malicious inputs. 
  • Remote code execution: If LLMs connect to plugins capable of running code, attackers can manipulate them to execute malicious programs. 
  • Data theft: LLMs can be manipulated into disclosing private or sensitive information. 
  • Misinformation campaigns: Malicious prompts can be embedded to manipulate outputs, such as skewing search results or influencing content presentation.

The EU’s role

As digital technologies evolve, the European Union is positioning itself as a global leader in cybersecurity governance. Through landmark legislation such as the AI Act and the Cyber Resilience Act (CRA), the EU is establishing a robust framework that ensures both innovation and protection in an increasingly AI-driven world.

The EU AI Act embeds cybersecurity directly into AI product regulation — the first law globally to do so. Furthermore, it bridges the gap between technical security (robustness, resilience) and legal compliance. It creates a baseline for trustworthy AI, ensuring that AI systems used in critical sectors (e.g., health, transport, energy) are safe and resistant to manipulation. At its core, Article 15 sets out requirements for robustness, accuracy, and cybersecurity, demanding that high-risk AI systems be resistant to manipulation, data poisoning, or model tampering. Developers must continuously test and monitor their systems to prevent vulnerabilities, ensuring security-by-design throughout the AI lifecycle.

Complementing the AI Act, the Cyber Resilience Act introduces cybersecurity obligations for all products with digital elements, from smart devices to AI-powered software. Manufacturers will be required to design secure products, provide regular security updates, and report significant cyber incidents within 24 hours. Failure to comply can lead to substantial penalties, highlighting how seriously the EU takes cybersecurity in the digital single market. The CRA ensures that both hardware and software across Europe are built on a foundation of security, accountability, and continuous protection.

Additionally, the European Commission has announced a €1.3 billion investment to deploy critical technologies essential for Europe’s future through the Digital Europe Programme. This funding aims to enhance the continent’s technological sovereignty, focusing on areas such as artificial intelligence, quantum computing, and cybersecurity. The initiative underscores the EU’s commitment to strengthening its digital infrastructure and reducing reliance on non-EU technologies.

Effects on skills and workforce

In recent years, the growing reliance on technology and digital platforms across sectors has transformed the nature of work and the skills in demand. As businesses integrate more digital tools and practices, the need for professionals with digital expertise has surged, spanning roles from software developers to data analysts.

The OECD report highlights that there is still a significant workforce gap, with Europe facing a shortage of over 300 000 professionals. To reduce the skill gap, multiple policies and initiatives have been implemented in EU member states. However, the most effective way seems to be the involvement of the industry by providing work-based learning opportunities in the sector. Apprenticeships for graduates have been crucial as well by establishing strong connections with specific companies and industries, which often result in securing immediate permanent job placements. 

According to the report, education plays a vital role. In France, diversifying cyber security education and training programmes is crucial in addressing the growing demand for skilled professionals. The OECD report states that the emphasis on diversifying is based on gender-inclusivity with the aim of increasing the number of female participants. The report shows that women represent only 24% of the global cybersecurity workforce.

In France, the percentage is lower, at only 17%, partially as a result of the small proportion of women trained in the information and communication technology (ICT) field. However, OECD countries such as Norway (31%) and Sweden (27%) have a higher percentage of female ICT graduates. Therefore, it is crucial to prioritise attracting, recruiting, and retaining more women in the field. Moreover, providing effective cybersecurity training at every level is essential to address both the shortage of skilled professionals and the general public’s limited understanding of cybersecurity.

What key skills are needed in cybersecurity? 

In a rapidly changing cybersecurity landscape, fostering a strong cybersecurity culture, retaining talent, and enhancing skills are essential. Placing people at the center of digital transformation is a key focus of the EU’s Digital Decade vision. The demand for people with ICT and cybersecurity skills is increasing, but at the same time cybersecurity skills and talent shortages are on the rise as well.
The 2024 Eurobarometer survey shows that the shortage of cybersecurity professionals is a significant concern: about 70% of companies faced recruitment difficulties in 2023. Additionally, 76% of cybersecurity employees lack formal qualifications or certified training, with 34% coming from non-cyber-related roles and 57% taking on cybersecurity responsibilities alongside their existing duties.

According to the 2024 ENISA Report, OESs (Operators of Essential Services) and DSPs (Digital Service Providers) plan to hire information security staff in the next two years. Most hires are expected in cybersecurity operations (56%), followed by IT security architecture & engineering (42%), and cybersecurity governance & risk (36%).
Most importantly, 83% of OESs and DSPs claim they experience recruitment difficulties in IT security architecture and engineering (34%).

Here are some key skills for cybersecurity professionals based on the OECD report:

  • Programming proficiency and familiarity with software and digital
  • Knowledge of ICT security legislation, standards, and information security strategy is highly valued
  • Transversal skills such as conceptual thinking, spreadsheet expertise, and understanding business processes are also in demand

Boosting AI skills across sectors

While cybersecurity is one example of how AI is transforming the world of technology, the need for digital and AI-related skills extends far beyond it. The ARISA project equips organisations and individuals across different sectors with the skills needed to adopt AI in a responsible, inclusive, and sustainable way—supporting Europe’s wider transition to an AI-ready workforce. The ARISA Academy offers a free, online training programme designed for students, professionals, and educators. With seven expert-led courses, the Academy provides a structured learning path covering AI fundamentals, machine learning, cybersecurity, and more. Whether you’re looking to upskill, reskill, or enhance your curriculum, the ARISA Academy has something for you.

Sources:

European Union Agency for Cybersecurity (ENISA). (2024, December 3). 2024 Report on the State of the Cybersecurity in the Union. https://www.enisa.europa.eu/publications/2024-report-on-the-state-of-the-cybersecurity-in-the-union

European Commission. (n.d.). AI Act | Shaping Europe’s digital future. Retrieved October 27, 2025, from https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai

European Commission. (n.d.). Annex III: High-Risk AI Systems Referred to in Article 6(2). Retrieved October 27, 2025, from https://artificialintelligenceact.eu/annex/3/

European Commission. (2025, March 27). Commission to invest €1.3 billion in artificial intelligence, cybersecurity and digital skills. Press release. https://ec.europa.eu/commission/presscorner/detail/en/ip_25_907

European Commission. (2024, May). Cyberskills – May 2024: Flash Eurobarometer 547. Retrieved October 27, 2025, from https://europa.eu/eurobarometer/surveys/detail/3176

European Commission. (n.d.). Europe’s Digital Decade: digital targets for 2030. Retrieved October 27, 2025, from https://commission.europa.eu/europes-digital-decade-digital-targets-2030-documents_en

European Commission. (n.d.). The Digital Europe Programme. Retrieved October 27, 2025, from https://digital-strategy.ec.europa.eu/en/activities/digital-programme

European Parliament. (2024, April). Artificial intelligence and cybersecurity (EPRS ATA 2024/762292). https://www.europarl.europa.eu/RegData/etudes/ATAG/2024/762292/EPRS_ATA%282024%29762292_EN.pdf

Kosinski, M., & Forrest, A. (2025, October 27). What is a prompt injection attack? IBM. https://www.ibm.com/think/topics/prompt-injection

Organisation for Economic Co-operation and Development (OECD). (2024, February 6). Building a skilled cyber security workforce in Europe. https://www.oecd.org/en/publications/building-a-skilled-cyber-security-workforce-in-europe_3673cd60-en.html