AI Regulatory Intelligence โ€” by YRproject

factual analysis · traceable to primary sources

Compliance platform Work with us LinkedIn NLยทENยทDE
Guide

The AI Act for CISOs: Article 15, NIS2 and the CRA

Adopted 2026-06-22 ยท ≈ 2 min read ยท Dirk Baaijen

The AI Act sets requirements in Article 15 for the accuracy, robustness and cybersecurity of high-risk AI. For the CISO this stacks on top of NIS2 and the Cyber Resilience Act. This guide explains the overlap and what security teams must concretely arrange.

Short answer: The AI Act makes cybersecurity a legal requirement for high-risk AI. Article 15 demands that these systems are accurate, robust and secure against attacks aimed specifically at AI. For the CISO this stacks on existing regimes: NIS2 for the organisation and the Cyber Resilience Act for products with digital elements. One security approach, three legal pegs.

What Article 15 requires

Article 15 of the AI Act states that high-risk AI must achieve an appropriate level of accuracy, robustness and cybersecurity โ€” consistently across its entire lifecycle. What stands out is that it names AI-specific attacks:

  • Data poisoning โ€” manipulation of training data.
  • Model poisoning โ€” manipulation of the model itself.
  • Adversarial examples โ€” inputs that deliberately mislead the model.
  • Model evasion and confidentiality attacks โ€” bypassing or leaking the model.

These are risks that classic perimeter security does not cover. They demand controls on data integrity, model monitoring and resilience testing.

Overlap with NIS2

NIS2 obliges essential and important entities to carry out risk management, security measures and incident reporting. Where the AI Act zooms in on the AI system, NIS2 looks at the whole organisation and supply chain. An AI incident can fall under both reporting duties. Align incident processes so that one event does not lead to contradictory or duplicate reports.

Overlap with the CRA

The Cyber Resilience Act sets security requirements for products with digital elements throughout their lifetime, including vulnerability handling and updates. AI systems placed on the market as a product touch both the CRA and the AI Act. The good news: the requirements largely converge around secure-by-design and lifecycle security.

One approach, multiple pegs

Do not try to build three separate programmes. Extend your existing information security management system with AI-specific controls and connect it to the broader governance framework. The CISO delivers the security part of AI Act conformity; the product team and the DPO deliver the rest.

What to do

  • Inventory which AI systems are high-risk โ€” see high-risk obligations.
  • Extend your risk assessment with AI-specific threats (poisoning, adversarial, evasion).
  • Implement model monitoring and data integrity controls.
  • Test robustness through red-teaming and adversarial testing.
  • Harmonise incident processes across the AI Act, NIS2 and CRA.
  • Document the security measures taken as part of the technical documentation.

For the CISO the AI Act is not a new discipline but a new scope. The attack techniques differ; the discipline of inventory, protect, detect and respond stays the same.

Sources

  1. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
    Regulation (EU) 2024/1689 (AI Act): Article 15 on accuracy, robustness and cybersecurity of high-risk AI.
  2. https://eur-lex.europa.eu/eli/dir/2022/2555/oj
    Directive (EU) 2022/2555 (NIS2): cybersecurity obligations and incident reporting for essential and important entities.

Share on LinkedIn

Read next

A

Securing AI in critical infrastructure: where the AI Act, Cyber Resilience Act and NIS2 meet

A single AI system in a port often falls under three frameworks at once: the AI Act (Art. 15) secures the AI system itself, the Cyber Resilience Act the product, and NIS2 obliges the operator as an essential entity. This piece explains how they meet and who is responsible for what.

W

Accuracy, robustness and cybersecurity: Article 15 of the AI Act

Article 15 requires high-risk AI to achieve an appropriate level of accuracy, robustness and cybersecurity across its lifetime. The system must withstand errors, faults and attacks such as data poisoning and adversarial input. This guide explains what that means.

U

AI and cybersecurity: the overlap of the Cyber Resilience Act and the AI Act

AI products must be both safe and cyber-resilient. The Cyber Resilience Act sets security requirements for products with digital elements, while the AI Act requires cybersecurity of high-risk systems โ€” two frameworks meeting on one product.

Dirk Baaijen

About this knowledge base

Compiled and maintained by YRproject โ€” programme and project direction at the intersection of digital transformation, AI and regulation. Every factual claim is traceable to its primary source. YRproject is led by Dirk Baaijen About & method โ†’

A project or programme? Work with YRproject โ†’

The monthly briefing

AI regulation in five minutes: what changed, what is coming and what it means. No spam, unsubscribe anytime.

Your address is used for this only and stored on our own servers.