67 percent of EU governmental institutions score D or F for cybersecurity efforts

As recently as 2025, the European Commission announced new initiatives to promote cyber resilience and introduced legislation aimed at strengthening cybersecurity across the European Union (EU). However, concerns about the overall readiness of EU institutions remain.

In 2022, the European Court of Auditors (ECA) issued a special report stating that the level of cybersecurity preparedness among European Union Institutions, Bodies, and Agencies (EUIBAs) was not proportionate to the threats they faced. The report urged the Commission to take action to improve cybersecurity across bodies and increase funding.

Despite these efforts, the latest data from the Business Digital Index, powered by Cybernews, shows that the European Union still struggles to secure its systems against cyberattacks. According to the analysis, 67% of the evaluated organizations scored a D or F — the lowest security grade assigned by the index. All institutions had experienced data breaches, and 85% of employees working for institutions with the lowest security grades reused passwords that had already been compromised.

Read more at Cybernews