The EU has always pioneered in building a robust cybersecurity policy framework based on preparedness (NIS1, Cybersecurity Act). This framework has evolved recently to take into account the evolution of the cybersecurity threat landscape and break the policy silos between physical and digital security, with the adoption of the NIS2 and Critical Entities Resilience Directive. Work on cyber resilience has now been extended to digital products through the proposal for a Cyber Resilience Act in September 2022, the first-ever EU-wide legislation of its kind. While accelerating the work on the resilience of critical infrastructure, the EU is now moving to operational to boost the EU's capabilities to better detect, prepare and respond to cybersecurity threats and ...