The next piece of the puzzle is almost ready to fit into the EU cybersecurity framework. On November 30, the EU Council and Parliament reached an agreement on the EU Cyber Resilience Act (CRA), which will introduce uniform cybersecurity requirements for products with digital elements. Similar to other acts of the EU Data Strategy, the CRA aims to create responsibility for manufacturers and transparency for consumers and businesses. There will also be a vulnerability handling process.
While simplifying the scope of the CRA and adding a three-year grace period, the agreement reached by the EU Council and the EU Parliament amended the EU Commission's proposal by adding that the support period for products must be at least five years, and there will be a reporting obligation for exploited vulnerabilities and incidents.
The final draft is expected in the next weeks, once the details have been finalized.
We will update you here on the developments of the European Cybersecurity Framework.
/Passle/5db069e28cb62309f866c3ee/MediaLibrary/Images/5dcaad168cb6230d740f6dc1/2023-06-26-15-46-15-758-6499b2c7436bdee0ca01af9f.jpg)
/Passle/5db069e28cb62309f866c3ee/SearchServiceImages/2024-05-02-09-24-14-268-66335bbe7c6345c9b0971e82.jpg)
/Passle/5db069e28cb62309f866c3ee/SearchServiceImages/2024-05-01-08-06-43-071-6631f81303765d17a4ee9b24.jpg)
/Passle/5db069e28cb62309f866c3ee/SearchServiceImages/2024-04-30-18-48-38-653-66313d0603765d17a4ed8397.jpg)
/Passle/5db069e28cb62309f866c3ee/MediaLibrary/Images/2024-04-26-15-33-58-699-662bc9663a0f4b80899ce989.png)