New Cybersecurity Requirements
The EU aims to enhance the resilience of its digital ecosystem and mitigate the increasing cyber threats through CRA.
The Cyber Resilience Act (CRA) has been approved by European parliamentarians and the Council, bringing new cybersecurity requirements to protect digital products in the EU from cyber threats. The act introduces mandatory cybersecurity obligations for the design, development, production, and sale of hardware and software products. Manufacturers will be responsible for meeting these obligations, including providing cybersecurity risk assessments and cooperating with authorities. The act also includes transparency obligations for consumers and requirements for manufacturers to ensure the ongoing security of their products. The CRA will complement existing cybersecurity legislation and will apply three years after it becomes law. European standardisation organizations are developing standards and specifications in preparation for implementation.
The final text of the act is being finalized before it is formally adopted by the European Parliament and Council.
Source : https://www.lexology.com/library/detail.aspx?g=b35c07fd-7b17-4a71-83ef-3fead1c4d520