The EU is taking steps to secure its open source software supply chain, but there are still gaps in the current efforts. The White House issued an Executive Order after the SolarWinds attack, which led to a flurry of new projects to protect the supply chain and to the rise of OpenSSF. In contrast, the EU has been slower to respond, with some member states not taking the directive seriously. The EU's Open Source Strategy was updated in 2020, but there is still a lack of funding for open source security initiatives. The European Cyber Security Agency (ENISA) has published reports on supply chain attacks, but more work needs to be done to address these threats. The EU's awareness and education efforts on open source security are limited compared to those of the US, which has taken steps such as the publication of an Executive Order and a bug bounty program. To improve its response, the EU should invest in open source security initiatives, lobby for funding, and work with the US and other countries to address these threats. The Open Source Security Mobiles initiative aims to promote awareness and education on open source security, and there is potential for collaboration between the EU and the US on this issue.