The Framework for AI Cybersecurity Practices (FAICP), from ENISA



What is the Framework for Artificial Intelligence Cybersecurity Practices (FAICP), from ENISA?

June 2026 - The Framework for Artificial Intelligence Cybersecurity Practices (FAICP), from the European Union Agency for Cybersecurity (ENISA), lays down harmonised rules for the placing on the market, the putting into service, and the use of artificial intelligence systems in the European Union.

Many of the considerations addressed by the FAICP remain relevant in the AI governance and regulatory landscape. Since the publication of the FAICP, the ecosystem of AI governance, cybersecurity, and risk management has evolved significantly. Organizations now consider AI cybersecurity in the context of a broader set of frameworks, standards, regulations, and guidance documents, including the EU AI Act, the NIST AI Risk Management Framework (AI RMF), and sector-specific requirements.

FAICP continues to provide structured guidance on AI cybersecurity across the lifecycle of AI systems, from conception and development to deployment, operation, maintenance, and decommissioning. Its layered approach contributes to discussions on how cybersecurity considerations can be integrated into AI systems and supporting infrastructures.

As of June 2026, we are not aware of any officially announced updated version of the FAICP, nor of any publicly available roadmap, consultation process, or formal indication regarding future revisions or development activities. This website presents the framework as published and made publicly available through the original ENISA-supported initiative.

The FAICP framework consists of three layers:

- Basic cybersecurity relevant to AI,

- AI-specific cybersecurity, and

- Sector-specific cybersecurity for AI.

The framework adopts the view that AI systems are hosted by an ICT infrastructure and, as such, the stakeholders need to first conduct their basic cybersecurity practices (Layer I).

Then they need to pay attention to additional cybersecurity challenges that the AI systems reveal due to their dynamic and socio-technical nature and complement their efforts with additional cybersecurity practices (Layer II).

Finally, the use of AI systems in various economic sectors requires further cybersecurity practices to be applied (Layer III).




Understanding the Framework for AI Cybersecurity Practices (FAICP)

Layer I – Cybersecurity Foundations

AI systems are hosted in ICT infrastructures, and in this first layer of the proposed framework we emphasise the need to start by securing the ICT-hosted ecosystem as a whole using basic cybersecurity practices.

We present the basic cybersecurity principles and procedures as described in various standards, methods and best practices that need to be applied by AI stakeholders.

However, due to the dynamic, constantly evolving nature of AI systems, the cybersecurity foundations built in this layer leave some additional open issues that will be outlined and further analysed in Layer II, where additional cybersecurity practices will accompany the basic ones described in this layer.

The key elements of this layer are:

- security management of the ICT infrastructure hosting AI systems;

- security management;

- cybersecurity certification;

- cybersecurity legislation and policies that affect AI systems.

ICT encompasses the infrastructure and assets that enable digital computing. All organisations rely on the secure operations of ICT for their business/digital activities, regardless of whether the ICT is hosted in-house or owned by a third party (cloud provider, supply chain business partner).

The components of any ICT infrastructure can be viewed as a scalable pyramid of six building blocks:



The first building block (Infrastructure) consists of all physical assets, used in the 2nd building block (Telecom) where all types of networks and telecom equipment are placed.

These are necessary for the 3rd block (IT applications and technologies), which also contains assets related to AI systems.

The 4th block (Domain/sectoral e/m-services) includes all digital services, while the 5th block (Data and data processes) includes all the types of data used in the previous blocks.

Finally, the 6th block (Users/procedures) includes all users that interact with all components from the previous blocks, i.e. internal and external physical entities (e.g. persons, enterprises), smart objects (e.g. IoT) and operational procedures.

Any ICT system is a cyber-physical system, since the first and last blocks of the ICT (Infrastructure and Users) are the physical layers, whereas the four intermediate blocks are the cyber layers.

Cybersecurity of an ICT infrastructure should cover the following dimensions (also known as ‘CIA’): confidentiality, integrity/authenticity and availability/non-repudiation (Figure 3) for all six blocks and all assets within the layers of the ICT infrastructure.





Layer II – AI Fundamentals and Cybersecurity

In the previous section we addressed the various blocks within an ICT infrastructure and discussed the characteristics of the first blocks and the related tools and legislation.

AI systems are part of the 3rd block (see Figure 2).

In this chapter, we assume that AI systems are supported by a trusted hardware infrastructure and focus on the particularities of these types of systems, their properties, threats, risks and related tools and legislation.

The key elements of this layer are:

- AI legislation

- Types of AI

- AI assets and procedures

- AI threat assessment

- AI security management

- AI-related standards

- Ethical and trustworthy AI

- Tools

- Networks and initiatives



Layer III – Sector-Specific Cybersecurity Good Practices

AI is a technology that has entered all economic sectors (e.g. automotive, health, maritime, finance).

The third layer of the FAICP framework provides the additional recommendations and best practices available to address cybersecurity issues in the AI systems used in some of these sectors.

While almost every economic sector already relies on AI systems, we have identified below only those sectors for which we managed to find relevant cybersecurity guidelines.

Additionally, ENISA’s reports can be used to identify sectoral threats (e.g. 5G, AI, supply chain).



George Lekatis

This website is developed and maintained by Cyber Risk GmbH as part of its professional activities in the fields of risk management and regulatory compliance.

Cyber Risk GmbH specializes in supporting organizations in understanding, navigating, and implementing complex European, U.S., and international risk-related regulatory frameworks.

Content is produced and maintained under the professional responsibility of George Lekatis, General Manager of Cyber Risk GmbH, a well-known expert in risk management and compliance. He also serves as General Manager of Compliance LLC, a company incorporated in Wilmington, NC, with offices in Washington, DC, providing risk and compliance training in 58 countries.
