Skip to main content
Shaping Europe’s digital future
Press release | Publication

Commission welcomes political agreement on new rules to boost cybersecurity in EU institutions, bodies, offices and agencies

The Commission welcomes the political agreement reached between the European Parliament and the Council of the EU on the Regulation proposed by the Commission laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union.

graphic showing a lock over a chip

iStock photo Getty images plus

Negotiations have now concluded, paving the way for final approval of the legal text by the European Parliament and the Council.

The Commission announced the proposal for the Cybersecurity Regulation in March 2022. This Regulation will put in place a framework for governance, risk management and control across EU entities in cybersecurity, with a new inter-institutional Cybersecurity Board to monitor its implementation. It will also extend the mandate of the Computer Emergency Response Team for the EU institutions, bodies, offices and agencies (CERT-EU), as a threat intelligence, information exchange and incident response coordination hub, a central advisory body, and a service provider. CERT-EU will be renamed to ‘Cybersecurity Service for the Union institutions, bodies, offices and agencies' to reflect its new mandate while keeping the short name CERT-EU for recognition purposes.

Full press release