Details Publication date18 March 2022AuthorDirectorate-General for Digital ServicesRelated departmentDirectorate-General for Digital Services Description The Cybersecurity Regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union entered into force on 7 January 2024. The key elements of the proposal for Cybersecurity Regulation: Strengthen the mandate of CERT-EU and provide the resources it needs to fulfil it; Require from all EU institutions, bodies, offices and agencies to: Have a framework for governance, risk management and control in the area of cybersecurity; Implement a baseline of cybersecurity measures addressing the identified risks; Conduct regular maturity assessments; Put in place a plan for improving their cybersecurity, approved by the entity's leadership; Share incident-related information with CERT-EU without undue delay. Set up a new inter-institutional Cybersecurity Board to drive and monitor the implementation of the regulation and to steer CERT-EU; Rename CERT-EU from ‘Computer Emergency Response Team' to ‘Cybersecurity Centre', in line with developments in the Member States and globally, but keep the short name ‘CERT-EU' for name recognition. See also: Press release Impact analysis Files 21 MARCH 2022Proposal for a regulation laying down measures on cybersecurity at the institutions, bodies, offices and agencies of the Union 21 MARCH 2022Commission Staff Working Document – Impact analysis accompanying the proposal for a regulation