With the Russian meddling into the 2016 US presidential election showing how vulnerable digital services are, and the COVID-19 pandemic forcing most traditionally non-digital services to digitalise, what can the EU do to ensure its cybersecurity remains impervious to external malicious attacks?