The European Union adopted a regulation on mandatory cyber hygiene intended to beef up cybersecurity at EU government agencies amid concerns that trading bloc institutions have failed to keep pace with mounting digital threats.

Proposed by the European Commission in 2022, the Cybersecurity Regulation lays down uniform cyber compliance requirements for EU institutions, bodies, offices and agencies. It came into force on Sunday, giving all agencies until September 2024 to conform to it, including its mandates for the adoption of controls against known risks and regular cybersecurity maturity assessments.