ESET invests EUR €40 million in AI cybersecurity R&D

ESET has announced a EUR €40 million investment in artificial intelligence research and development, focused on cybersecurity-specific AI models, an AI security stack, and a new AI security operations platform.

The move comes as the cybersecurity group reports a sharp rise in risks linked to so-called AI skills, modular instructions that tell AI agents how to perform tasks, use tools, access services, and interact with external systems. Since March 2026, ESET's technologies have scanned nearly 800,000 unique AI skills, with about 25,000 classified as suspicious and more than 3,000 blocked as malicious.

That marks a steep increase from the roughly 60,000 publicly available skills observed at the start of the year. The figures point to a fast-growing software supply chain for autonomous and agentic AI systems, in which links to external repositories, plugins, datasets, and third-party services introduce new points of risk.

Richard Marko, Chief Executive Officer of ESET, said the investment reflects a broader shift in how AI is affecting cyber risk.

"Cybersecurity is entering a completely new era," Marko said. "Artificial intelligence is no longer only a tool for defense. It is becoming part of the attack surface itself. Our investment is focused on ensuring that AI strengthens cybersecurity rather than weakens it - and on building technologies capable of protecting organizations in a world of autonomous AI."

The programme will also support a three-year hiring plan to expand ESET's research and development team to 1,000 researchers and engineers. The company positioned the effort as part of a push to retain greater control over the AI systems used in cybersecurity, at a time when a small number of large technology groups dominate access to advanced models.

Marko tied that to what he described as sovereignty in cybersecurity.

"We believe the future of cybersecurity cannot depend entirely on models controlled by Big Tech," he said. "In cybersecurity, sovereignty matters."

Three areas

The EUR €40 million investment will be directed into three main areas: developing its own security-focused foundational AI models, creating a layered AI security architecture, and building a new generation of AI tools for security operations centres.

On the model side, ESET plans to build AI systems trained specifically for cybersecurity rather than for broad consumer or general internet tasks. Those models will be shaped using cybersecurity telemetry and threat intelligence gathered over nearly 35 years.

The company will also continue work on existing AI-based products, including ESET LiveGrid, ESET LiveCortex, and ESET LiveGuard. In addition, it plans to explore newer AI approaches such as world models, which aim to interpret behaviour, context, and intent within digital environments.

Securing AI use

A second focus is on protecting the growing use of AI systems inside businesses. ESET is developing what it calls ESET Secure AI Relay, an intermediary layer between users, AI agents, business applications, and AI models.

It also plans network-level protections for communication between AI agents. Its AI Skills Checker tool, along with versions integrated into its products, is aimed at the emerging ecosystem around agentic AI systems.

Juraj Jánošík, Vice President of Artificial Intelligence at ESET, said the company sees AI moving from a supporting role to a direct part of daily operations and security risk.

"ESET has long led the way in applying AI to cybersecurity," Jánošík said. "What's changing now is the role that AI plays. AI tools are becoming part of everyday work, agentic systems are expanding the attack surface, and security teams need faster ways to respond to threats. This investment lets us work across the full horizon: securing AI use, building AI models for cybersecurity, and bringing autonomous capabilities into security operations under human oversight."

AI in the SOC

The third strand centres on security operations centres, where analysts monitor and respond to cyber threats. ESET said it aims to change how telemetry is processed, correlated, and understood, rather than simply replacing analysts with AI agents.

The goal is to make sophisticated AI-assisted protection available beyond the largest corporations and into mid-sized and smaller organisations through more automated systems operating under supervision.

Marko said the industry needs a different approach as alert volumes and operational complexity continue to grow.

"Cybersecurity cannot scale by adding more alerts, more dashboards, and more complexity," he said. "The industry needs another major leap forward. We believe AI must help make world-class cybersecurity effortless and available to everyone."