OpenAI Expands EU Access to GPT-5.5-Cyber

OpenAI is providing the European Union and vetted European cybersecurity teams with access to a cyber-focused variant of its latest model, GPT-5.5-Cyber, CNBC reports. CNBC further reports the model had been rolled out in a limited preview to vetted cybersecurity teams before the wider access announcement. According to CNBC, European Commission spokesperson Thomas Regnier said at a press briefing, "We welcome OpenAI's transparency and intent to give commission access to new model," and that exchanges between OpenAI and the Commission have taken place with further discussions planned. CNBC also reports that Anthropic, which released the Mythos model earlier, has not yet granted EU preview access and that discussions with Anthropic are "not yet at the same stage" as those with OpenAI. DevDiscourse and related outlets report that OpenAI is distributing model access via a "Trusted Access for Cyber" programme and name firms such as Deutsche Telekom and BBVA as participants; those corporate-access details are attributed to those outlets.

Companies and reporting use the phrase cyber-focused model to describe variants like GPT-5.5-Cyber, which typically means models tuned or configured for defensive tasks such as malware analysis, intrusion detection hypothesis generation, and automated red-teaming support. Industry-pattern observations note that providing restricted previews to vetted teams is a common approach for testing operational security, integrating human oversight, and gathering domain-specific feedback before broader deployment. For practitioners, this pattern highlights operational needs around secure deployment, access controls, and logging when integrating large models into security workflows.

Reporting frames the move as part of broader competition and regulator engagement in Europe: CNBC contrasts OpenAI's access arrangement with the EU to Anthropic's more limited EU preview access for Mythos. Public reporting places these vendor-government interactions against a backdrop of EU scrutiny of frontier models and rising interest from telecoms, banks, and public agencies in model-assisted cyber defence. Industry observers have in other coverage emphasised that governments increasingly seek hands-on review access to understand emergent risks from advanced models; that dynamic is consistent with the documented engagements cited by CNBC and by EU spokespeople.

• •Whether the European Commission publishes technical assessments or audit findings following its access, as this would set a precedent for regulator-model access.
• •Reporting or documentation of the "Trusted Access for Cyber" programme's eligibility criteria, usage limits, and security controls; early corporate participants named in press coverage include Deutsche Telekom and BBVA (attributed to DevDiscourse).
• •Any follow-up from Anthropic on EU preview access for Mythos, since CNBC reports the discussions there are at a different stage.
• •Evidence of operational deployments or case studies showing GPT-5.5-Cyber used for threat hunting, incident response, or automated red teaming, which would clarify real-world defensive utility.

The factual items above are drawn from reporting by CNBC (May 11, 2026) and from regional outlets that reported program details and corporate participants (DevDiscourse, The Future Media, and related coverage).