OpenAI opens GPT-5.5-Cyber to European firms with Osborne fronting outreach

TL;DR:

  • OpenAI is granting access to its GPT-5.5-Cyber model to dozens of European companies under its Trusted Access for Cyber programme, with named participants including Deutsche Telekom, BBVA, Telefonica, UK cybersecurity firm Sophos and German financial services firm Scalable Capital.
  • The programme positions OpenAI as the European-friendly defensive-AI provider, with former UK chancellor George Osborne — heading the company’s OpenAI for Countries initiative — sending an explanatory letter to the European Commission framing the move as supporting “shared security”.
  • OpenAI is offering the European Commission open access to cybersecurity features; the Commission says Anthropic has “not been as forthcoming” — a deliberate contrast intended to land before any EU AI Act enforcement decisions.

OpenAI’s MD for EMEA, Emmanuel Marill, said the company aims to “block dangerous activity, while making sure trusted defenders have tools that are genuinely useful in protecting systems, finding vulnerabilities and responding to threats quickly”. The release follows Anthropic’s Mythos rollout last month and the resulting scramble across the US banking sector, with OpenAI explicitly framing its move as a response.

Why this is a UK story

George Osborne’s role is central. The former chancellor running OpenAI’s government-relations push in Europe gives the company a direct line into UK and EU policy conversations that Anthropic does not have. With UK Sophos named in the cohort, and OpenAI’s expanded $4 billion (£3.1bn) enterprise-services unit (announced earlier this week alongside the Tomoro acquisition) targeting exactly this customer base, the UK enterprise market is now a designated battlefield between OpenAI’s “Trusted Access” framing and Anthropic’s “Project Glasswing” framing.

The Brussels positioning matters

OpenAI explicitly inviting the European Commission to use its cybersecurity features — and the Commission publicly contrasting this with Anthropic’s reticence — is a calculated piece of regulatory positioning. With the EU AI Act’s substantive provisions on high-risk systems entering enforcement phases over the next year, being on the right side of Brussels’ framing is commercially valuable. For UK enterprises with significant EU operations, OpenAI’s positioning provides clearer compliance cover than Anthropic’s currently does.

What is in the cohort

Beyond the named anchor customers — telecoms, banking, cybersecurity — OpenAI says “dozens more European companies” are included. The structure favours verified firms in vital sectors (financial services, telecoms, energy, public services) and includes “precise safeguards for defensive work” that OpenAI says distinguish the programme from general API access. The competitive subtext: Anthropic’s Mythos is priced at $25 (£19.50) per million input tokens; OpenAI is positioning Trusted Access as a regulator-friendly alternative without comparable pricing transparency yet.

Looking forward

Expect a parallel UK government announcement on AI cybersecurity access within the next two months, mirroring the EU positioning. UK SMEs in regulated sectors should watch for whether their cyber-insurance providers begin recognising OpenAI Trusted Access participation as a positive control — that would be the moment commercial preferences crystallise. The bigger picture: defensive cyber AI is moving from “one vendor’s product” to a duopoly bidding for regulator endorsement, with the UK as one of the most politically valuable references either side could win.