The Cyber Resilience Act was adopted today. It will soon be published in the Official Journal of the European Union and 20 days after that it becomes a full regulation. The act affects almost all software distributed in the union. Software needs to be secure by design and secure by default – and marked with the well-known CE mark to indicate that it complies with the regulation.
“The Council adopted today a new law on cybersecurity requirements for products with digital elements with a view to ensuring that products, such as connected home cameras, fridges, TVs, and toys, are safe before they are placed on the market (cyber resilience act). The new regulation aims to fill the gaps, clarify the links, and make the existing cybersecurity legislative framework more coherent, ensuring that products with digital components, for example ‘Internet of Things’ (IoT) products, are made secure throughout the supply chain and throughout their lifecycle.”
Links:
- Regulation on horizontal cybersecurity requirements for products with digital elements (Cyber resilience act), 10 October 2024
- Press release
