Regulation 2023/2841, the Cybersecurity Regulation for Union entities, entered into force on 7 January 2024. A year later, the Interinstitutional Cybersecurity Board (IICB) releases its Annual Report. It is a very interesting read…
For CERT-EU and the Interinstitutional Cybersecurity Board (IICB), our board, 2024 has been a whirlwind of activity.
Reinvigorated by our new mandate, we've worked tirelessly to help the European Union institutions, bodies and agencies (Union entities) strengthen their cybersecurity posture. The IICB Annual Report 2024 is a testament to this. We strongly encourage you to take a look.
And we're thrilled to say that we are right on track! With the European Parliament's successful chairmanship and the valuable, strategic contributions of its members, the IICB has established a solid basis for its functioning and operations. In this regard, the IICB has reached a number of milestones, including the setup of the Local Cybersecurity Officers (LCO) Network and Technical Advisory Groups (TAGs) and the adoption of a Multi-annual Strategy until 2029.
Moreover, on the basis of proposals by CERT-EU, the IICB published mandatory practical guidelines for Union entities, on a range of critical topics, preparing the ground for the proper implementation of the Regulation, including:
- Incident reporting
- Cybersecurity Framework
- Risk management
- Maturity assessment
- Cybersecurity plans
- Incident response and cooperation.
While we're not ones to boast, we're proud of the achievements made in the past year under the IICB’s guidance. And we couldn't have done it without the hard work and dedication of our staff and colleagues in all Union entities.
However, it’s not all sunshine and butterflies. There are still some major challenges ahead.
To begin with, we are collaborating closely with the IICB and all Union entities to ensure compliance with the Cybersecurity Regulation by the specified deadlines.
We must also collectively increase our investment in people, in solutions, and collaboration, seeking efficiency wherever possible to improve the overall resilience of Union entities, our shared goal.
And of course, let’s not forget about those cyber attacks that keep piling up, becoming more sophisticated by the year.
To meet these challenges, we are upping our game, embracing our new role as the Cybersecurity Service for the Union entities, and seizing every opportunity to improve our services to the benefit of those we proudly serve.
So here's to many more years of advancing cybersecurity across the Union! We're committed to continuing our work with the IICB to strengthen cyber resilience, improve incident response, and help Union entities stay agile in the face of evolving cybersecurity threats.