this is what the Cert of the EU is responsable for (but don't ask if they got the resources)
and to understand it well
sit down and read aloud one line after another
and think about what the consequences would be if one of them got breached
instead of spending millions on 'awareness' one should spend money on resources to defend your infrastructure and data before people become aware that you are a king without clothes (not against the people of certeu off course)
and the situation in Belgium is not better ......