The European Union is moving to formalize cybersecurity certification for AI systems as part of a broader overhaul of its cybersecurity rules. Policymakers in Brussels are combining elements of the revised Cybersecurity Act with the regulatory thrust of the EU AI Act to create certification pathways that target both technical security and wider operational risks for AI deployed in cloud environments.
That push comes as hyperscale cloud providers and large enterprise consumers wrestle with how to demonstrate compliance across shifting legal and technical expectations, from cloud service assurance to supply‑chain and data sovereignty concerns. The debate has important implications for procurement, market access and how AI services are contracted and certified across the bloc.
Regulators push for AI cybersecurity certification
European institutions have signalled that AI systems will not be exempt from the bloc’s certification ambitions: the European Commission and ENISA are exploring how cybersecurity assurance can be aligned with the AI Act’s risk tiers. Early work by ENISA has included feasibility studies and proposals for an AI‑relevant cybersecurity baseline, reflecting a desire to close security gaps in high‑risk AI deployments.
The objective is twofold: to establish interoperable, EU‑wide proof points of security for AI products and services, and to give procurers a clearer way to compare offerings beyond vendor claims. Certification is being promoted not only as a technical test but as a market signal that can reduce legal and procurement friction for certified suppliers.
Policymakers have emphasised speed and practicality: lessons from earlier schemes (such as EUCC for ICT products) are being used to streamline candidate schemes while ensuring they remain rigorous enough to cover emergent AI attack vectors and operational risks. These trade‑offs will shape the final contours of any AI cybersecurity certification.
What the proposed Cybersecurity Act 2 changes mean
In January 2026 the Commission proposed a revision of the Cybersecurity Act (often dubbed CSA2) that expands the scope and ambition of EU certification. The draft seeks to simplify processes, broaden scheme subjects and accelerate uptake, a response to rising threats and to market demand for harmonised assurance across the single market.
Crucially for cloud and AI, CSA2 discussions have introduced non‑technical assessment criteria that could bring strategic, governance and supply‑chain considerations into certification, moving beyond pure product testing toward holistic service posture evaluations. That shift raises compliance complexity for foreign‑based cloud providers and managed service operators.
Member states and stakeholders are debating where to draw the line between technical controls (encryption, patching, logging) and geopolitical or legal exposure (outsourcing restrictions, access by third‑country governments). The outcome will determine whether certification becomes a narrow safety mark or a broader strategic filter for market participation.
ENISA’s role and the emerging schemes
ENISA, the EU Agency for Cybersecurity, is central to drafting and testing candidate certification schemes (EUCC, EUCS, others). The agency has already published and advanced multiple schemes and is running consultations and pilot certification activities to operationalise standards that can be used across member states.
For cloud services specifically, the EU Cybersecurity Certification Scheme for Cloud Services (EUCS) has progressed to early operational certifications, and ENISA continues to refine technical guidance and conformity assessment modalities relevant to AI workloads run in cloud environments. Those developments create a pathway for cloud providers to obtain recognised assurance for their platforms and services.
ENISA’s public events and working groups in 2026 have focused attention on certification interoperability, requirements for managed security services, and how AI‑related cyber risk should be tested in practice. The agency’s coordination role is designed to ensure national authorities accept a common assessment outcome rather than fragmented local approaches.
Cloud giants face technical and strategic compliance aches
Global cloud providers, particularly the US hyperscalers, are navigating a complex mix of demands: European customers and authorities want certified, sovereign‑minded services, while legal obligations in providers’ home jurisdictions (for example foreign‑intelligence access laws) complicate absolute guarantees of sovereignty. That tension has prompted public statements, industry letters and new procurement frameworks across Europe.
From a technical standpoint, achieving AI cybersecurity certification requires demonstrable practices in model management, secure model training, provenance tracking, access controls and incident response for AI‑specific threats. For cloud providers that host a multiplicity of third‑party AI models and tools, that means reworking platform attestations and transparency commitments.
Strategically, providers must weigh the cost of certification and potential market segmentation against reputational gains. Some vendors are pursuing EU‑based dedicated clouds, contractual commitments and certification pilots to preserve business in regulated sectors, while others say full guarantees of data sovereignty are constrained by competing legal systems.
Market and procurement impacts in Europe
Certification will become a lever in public and private procurement: EU institutions and member states are already favouring certified or sovereign‑aligned suppliers for sensitive workloads. Recent EU tenders for sovereign cloud services and procurement guidance signal that certified status, or the ability to demonstrate conformity, will materially affect competitive bids.
For enterprises, the certification landscape promises clearer risk allocation: buyers will be able to require certified AI/cybersecurity postures in contracts, reducing uncertainty in downstream liability and incident scenarios. However, smaller cloud and AI vendors could struggle with certification costs and complexity unless simplified or tiered schemes are adopted.
European cloud alliances and trade groups are already proposing complementary frameworks (for example sovereignty and resilience frameworks) to help non‑hyperscale providers compete and to offer procurers pragmatic assessment tools beyond a single certificate. The interplay between voluntary industry frameworks and mandatory EU schemes will shape procurement behaviour in the near term.
Practical steps for enterprises and cloud providers
Enterprises should map AI deployments against the evolving EU risk framework and prioritise high‑risk systems for security hardening and supplier assurance. Practical measures include requiring cloud providers to present relevant EUCS or equivalent certification artefacts, documenting model supply chains, and embedding contractual audit rights and incident reporting obligations.
Cloud providers need to accelerate capability mapping: align platform controls with ENISA guidance, invest in conformity assessment processes, and engage early with national certification bodies. Piloting certification on representative workloads can reduce time‑to‑market and surface gaps in model lifecycle controls.
Both buyers and suppliers should anticipate that certification will evolve rapidly, with initial schemes refined after early deployments, and should adopt modular contractual approaches that allow updates as standards mature. Cross‑industry collaboration and transparent reporting will be key to making certification credible and practicable.
In the short term, expect a patchwork of certifications, industry frameworks and procurement rules as the EU transitions from candidate schemes to broader operational adoption. Firms that engage early with the certification process and adapt governance practices will have an advantage in regulated markets.
Ultimately, the EU’s move to certify AI cybersecurity reframes compliance as a multidimensional requirement encompassing code, data, contracts and governance. For cloud giants, that means engineering changes and legal work; for regulators and buyers, it offers a mechanism to raise assurance across the digital supply chain.
The transition will not be frictionless: certification timelines, costs and geopolitical sensitivities will produce negotiation and adaptation across the market. But if well executed, certification could provide a shared baseline of trust that lowers systemic cyber risk associated with AI services in European markets.





