Cybersecurity of EU institutions, bodies and agencies: Level of preparedness overall not commensurate with the threats

Author (Corporate)	European Court of Auditors
Publisher	Publications Office of the European Union
Series Title	ECA Special Reports
Series Details	05/2022, Number 5
Publication Date	March 2022
ISBN	978-92-847-7608-5
ISSN	1977-5679
EC	QJ-AB-22-003-EN-N
Content Type	Report
	Summary: The number of cyberattacks on EU institutions, bodies and agencies (EUIBAs) is increasing sharply. As EUIBAs are strongly interconnected, weaknesses in one can expose others to security threats. We examined whether the EUIBAs have adequate arrangements to protect themselves against cyber threats. We found that, overall, EUIBAs’ level of preparedness is not commensurate with the threats, and that they have very different levels of cybersecurity maturity. We recommend that the Commission improve EUIBAs’ preparedness by proposing the introduction of binding cybersecurity rules and an increase in resources for the Computer Emergency Response Team (CERT-EU). The Commission should also promote further synergies among EUIBAs, and CERT-EU and the European Union Agency for Cybersecurity should focus their support on less mature EUIBAs.
Source Link	Link to Main Source https://www.doi.org/10.2865/615675 Alternative Source 1 Alternative Source 2 Alternative sources https://op.europa.eu/webpub/eca/special-reports/hack-proofing-eu-institutions-05-2022/en/ https://www.eca.europa.eu/Lists/ECADocuments/SR22_05/SR_cybersecurity-EU-institutions_EN.pdf
Related Links	Official European Court of Auditors (ECA): Special report 05/2022: Cybersecurity of EU institutions, bodies and agencies : Level of preparedness overall not commensurate with the threats https://www.eca.europa.eu/en/Pages/DocItem.aspx?did=60922
Subject Categories	Security and Defence
Subject Tags	Cybersecurity \| Cyber-security
International Organisations	European Union [EU]

Summary: