Trust and security are at the core of the Digital Single Market Strategy of the EU. EU has been very active in the legislative domain lately. Greece has recently modernized its legal framework of fighting cybercrime by ratifying the Cybercrime Convention and by implementing into national law the provisions of the EU directive 2013/40 on attacks against information systems and replacing Council Framework Decision 2005/222/JHA by modifying the penal code. This somehow late adoption of the specific provisions is expected to facilitate fighting cybercrime but there have already been other legislative EU initiatives, such as the new data protection regulation (GDPR) or the Network and Information Systems (NIS) directive which will soon demand further modification of the legal framework on cybercrime and on cybersecurity. What is the current state regulatory framework on cybersecurity and data protection? What is left to be done? These will be the two main questions we will try to answer.