At the latest InCyber Forum held in Lille in March 2024, a conference discussed the cyberthreats that could affect the European Union and its Member States. It also debated the possibility for the emergence of EU rules and champions, especially in the deployment of artificial intelligence. Several expert presentations highlighted a number of key points.

As Executive Director of ENISA (the European Union Agency for Cybersecurity celebrating its 20th anniversary this year), Juhan Lepasaar exposed the core lessons from its new study on the cybersecurity threats facing Europe for 2030.

Classical vulnerabilities have yet to disappear

First, he discussed traditional yet current threats that can jeopardize supply chains. With the ever-growing integration and connectivity between suppliers, producers, distributors and customers, potential vulnerabilities have proliferated in increasingly complex IT systems where attacks can more easily avoid detection.

This ties in with another possible weakness: the ability to develop and install patches when flaws are detected. Currently, on average it takes more than a month to correct an identified flaw. ENISA has created a database for Europe that lists all identified vulnerabilities to accelerate cooperation between the various players and bring faster security solutions.

The lack of cybersecurity experts in Europe is another major concern. The need for these professionals is growing, but those with the necessary skills are rare. Yann de Karsauson, from recruitment firm Arthur Hunt Executive Search, shared this observation in a recent interview with InCyber. To help solve this problem, ENISA and its partners have created a reference document that will identify the required skills and intensively train and certify professionals in them.

In his conclusion, Juhan Lepasaar briefly discussed artificial intelligence, which will undeniably contribute to a rise in cyberthreats in the coming years. He mentioned the upcoming European elections on June 9, which are already the target of a variety of attacks, especially the use of deepfakes to muddy the debates and influence votes. He also raised a second point of attention: natural disasters resulting from climate change, the increasing frequency and destructive impacts of which are seriously threatening the resilience of digital infrastructures, with floods and droughts that can lead to cracks in the infrastructure, for example.

Reconciling the “Rules of the Game” with the “Art of the Game”

A round table then brought together Wojciech Wiewiorowski, the European Data Protection Supervisor based in Brussels, and Nicolas Miailhe, cofounder of Paris start-up Prism Eval specialized in the evaluation and interpretability of innovative AI models and systems. The heart of the discussion revolved around the rather unprecedented choice the European Union made in regulating artificial Intelligence. Whereas other countries like China and the US are regulating relatively little – or not at all – the EU-27 decided to adopt solid regulatory frameworks to grow its AI industry and protect itself from certain dangers.

On March 13, the EU Parliament adopted the AI Act to regulate artificial intelligence and how it is used. As the first initiative of this scale according to Wojciech Wiewiorowski, this regulation places obligations on AI system users and designers according to the system’s level of risk and security. For Nicolas Miailhe, this approach represents a courageous bid to adopt a set of rules and build a market that is in line with European values.

He did counterbalance his argument, however, by hoping that bureaucracy won’t interfere excessively and hamper European players’ innovation. In his view, if the regulatory framework is applied intelligently, it could foster a European AI industry with reliable, robust standards that could stand as a future international reference. But one condition remains essential: the European regulator must have skilled, highly specialized professionals who know what AI is. Overcoming this challenge may prove difficult given the current lack of available talent on the market, hence the priority to reconcile the rules of the game with the art of the game!

Helsing: the Right Path?

But is this just wishful thinking? American tech giants like Google, Meta and Apple have already taken the global lead when it comes to artificial intelligence, not to mention the alliance between OpenAI, Microsoft and Nvidia. In Europe, this monopoly is the subject of intense discussions. Is it too late to counterbalance the US’s supremacy with homegrown champions? Some people think that introducing a preference in awarding European public contracts could nurture solid competitors to American players. In France, companies like Mistral AI, Hugging Face and LightOn show real promise, although Mistral AI has raised doubts recently by signing a partnership with Microsoft.

As Vice President of Helsing, a European start-up specialized in artificial intelligence for the defense industry, Antoine Bordes was keen to show that a viable, European player can emerge. Founded in Germany in 2021 with a €100 million investment from Swedish fund Prima Materia, Helsing later expanded to the United Kingdom and France to work with the three largest military forces in Europe. Today, the company provides software that uses high-performance AI to allow armed forces to process available data in real time in order to make quick decisions and maneuvers on the field. This serves as proof that pooling talent and capabilities can promote the emergence of solid European champions.

Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
Stay tuned in real time
Subscribe to
the newsletter
By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.