Technological drivers, such as IoT, blockchains and AI, are raising some challenges that need to be addressed through the definition of a common legal umbrella to regulate a future data-driven society. The current main EU legal instruments in the cybersecurity and data-protection fields, such as NIS Directive, GDPR and the EU Cybersecurity Act, must deal with incessant technological evolution.