EU to Implement Cyber Resilience Act

Horizontal Framework for Cybersecurity

To enhance cybersecurity across the European Union, the EU Commission presented a legislative proposal on September 15, 2022. This act, adopted by the European Parliament, establishes a framework for manufacturers and businesses to ensure the safety and security of digital products and related services.

Cyber Resilience Act: Overview

The Cyber Resilience Act aims to protect consumers and businesses from cyber threats by requiring manufacturers to meet specific cybersecurity standards for their products. These products must be designed and manufactured to withstand cyberattacks and to minimize the impact of any vulnerabilities.

The act establishes common cybersecurity requirements for a wide range of products, including connected devices, smart products, and related services. Manufacturers will be responsible for assessing and addressing cybersecurity risks, implementing security measures, and providing documentation on their cybersecurity practices.

Implementation and Enforcement

The Cyber Resilience Act is expected to enter into force in the second half of 2024, giving manufacturers time to adapt to the new requirements. The act will be enforced by national authorities, who will be responsible for monitoring compliance and ensuring harmonized implementation across the EU.

Significance of the Cyber Resilience Act

The Cyber Resilience Act marks a significant step towards strengthening cybersecurity in the EU. It is the first comprehensive legislation in the EU that addresses cybersecurity requirements for digital products and services across various sectors.

By ensuring that products and services meet robust cybersecurity standards, the act aims to enhance consumer protection, reduce cyber threats, and contribute to a more secure digital environment for all.