Sun. Jun 26th, 2022

Answer given by Mr Hahn on behalf of the European Commission


Brussels, 7 June 2022

On 22 March 2022 the Commission proposed new rules to establish common cybersecurity measures across the EU institutions, bodies, offices and agencies (COM(2022)122 final). The proposal aims to bolster their resilience and response capacities against cyber threats and incidents, as well as to ensure a resilient, secure EU public administration, amidst rising malicious cyber activities in the global landscape.

The proposed Cybersecurity Regulation, if adopted by the European Parliament and the Council, would create a framework for cybersecurity risk governance, management and control across all EU institutions, bodies and agencies and it would require them to implement a baseline of cybersecurity measures addressing the identified risks. It would lead to the creation of a new interinstitutional Cybersecurity Board, boost cybersecurity capabilities, and stimulate regular maturity assessments and better cyber-hygiene. It would also extend the mandate of the Computer Emergency Response Team for the EU institutions, bodies, offices and agencies (CERT-EU) as a threat intelligence, information exchange and incident response coordination hub and as a central advisory body. Moreover, it will provide CERT-EU with a stable resourcing model in order to fulfil its role.

The legislative process towards the adoption of the new regulation is currently ongoing in the European Parliament and in the Council.

Source: European Parliament