The coordinated Denial of Service attacks in Estonia 2007, the successful hacker attacks against the German Bundestag 2015 and the increasing number of cyber-crimes challenge the European Union (EU). In order to overcome these challenges the EU initiated a cyber security strategy in 2013. This paper follows up the question, whether the measures of this strategy are adequate in order to tackle the challenges of the cyberspace in modern times and which improvements can be done. The focus will rely on the analysis of the EU’s cyber security strategy 2013 as well as its advancement of 2017. The three issues ‘cyber resilience‘, ‘reducing cybercrime’ and ‘cyber defence policy and capabilities’ shall be analyzed. The unlimited sphere of the cyberspace, the invisible and barely identifiable opponents and the focus on national regulations seem to be an unsolved dilemma in the EU. After analyzing the current state, the paper shall formulate future recommendations for action to postulate an improved ‘pooling and sharing’ as well as the coordination and involvement of existing member states’ cyber capabilities. The devolution of responsibilities regarding cyber security to the EU stage is desirable in order to increase the European potency, because a divided EU will have great difficulties enforcing its interests over attacking opponents.