{"id":6496,"date":"2023-05-11T08:15:09","date_gmt":"2023-05-11T08:15:09","guid":{"rendered":"https:\/\/clp.no\/?p=6496"},"modified":"2023-05-11T08:15:09","modified_gmt":"2023-05-11T08:15:09","slug":"upcoming-eu-cyber-resilience-act-a-need-to-prepare","status":"publish","type":"post","link":"https:\/\/clp.no\/en\/upcoming-eu-cyber-resilience-act-a-need-to-prepare\/","title":{"rendered":"Upcoming EU Cyber Resilience Act \u2013 a need to prepare"},"content":{"rendered":"
The EU Cyber Resilience Act is a new piece of legislation designed to improve the resilience of EU institutions and critical infrastructure against cyber threats, by placing cybersecurity requirements on all products with digital elements such as IoT products. <\/strong>It will have a significant impact on businesses operating within the European Union, as a measure to secure safer and more secure digital products, and it implies requirements and duties placed upon both manufacturers and users of digital products, which business need to prepare for. <\/em><\/p>\n The European Commission published its proposal on 15 September 2022 as part of its entire EU cybersecurity framework. It will now be processed by the European Parliament and the Council. Once adopted, economic operators and Member States will have two years to adapt to the new requirements. <\/em><\/p>\n Hardware and software products are increasingly subject to successful cyberattacks, resulting in an estimated global annual cost of cybercrime of \u20ac5.5 trillion by 2021, with expected increase. According to the European Commission, such products suffer from two key issues:<\/p>\n Most of hardware and software products are currently not covered by any EU legislation addressing the products’ cybersecurity. In particular, the current EU legal framework does not address the cybersecurity of non-embedded software, even if cybersecurity attacks increasingly target vulnerabilities in these products, causing significant societal and economic costs.<\/p>\n The 4 main objectives of the regulations according to the European Commission were:<\/p>\n The EU Cyber Resilience Act introduces mandatory cybersecurity requirements for products throughout their lifecycle and will require businesses operating within the EU to implement a number of measures. Requirements include:<\/p>\n The EU Cyber Resilience Act will also establish a European Cybersecurity Competence Centre to provide support and expertise to businesses. EU standards based on the Cyber Resilience Act is intended to facilitate its implementation.<\/p>\n It is important for businesses manufacturing products with digital elements to start preparing for the implementation of the EU Cyber Resilience Act now. This includes reviewing their current cybersecurity measures and identifying any areas that need to be improved.<\/p>\n If you have any questions or concerns about the EU Cyber Resilience Act and how it will affect your business, please do not hesitate to contact us.<\/p>\n <\/p>\n\n
\n
\n