Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
EU Adopts Cyber Resilience Act to Regulate Internet of Things
The European Union adopted a new law setting EU-wide cybersecurity requirements for connected devices to ensure their safety.
October 20, 2024
The Council of the European Union adopted the Cyber Resilience Act earlier this month, a new law that will ensure that connected devices – including consumer products, such as smart doorbells, televisions, and toys, as well as commercial devices, such as IP cameras – meet new cybersecurity requirements before going to market.
The regulations establish an EU-wide framework that encompasses design, development, production, and the sale of hardware and software products that connect either directly or indirectly to another device or network.
The law enhances existing cybersecurity legislation, making regulations more coherent and ensuring that Internet of Things (IoT) products are secure, from supply chain to end of life.
CRA is designed to allow consumers to make informed decisions when shopping for connected digital products by making it easier for them to identify hardware and software with proper cybersecurity features. New products will be labeled with "CE" to signify that they meet the requirements. Products that are already regulated by existing EU rules, like medical devices, aeronautical products, and cars, are exempt from the new regulations.
In the coming weeks the legislative act will be signed by the presidents of the council and European Parliament and be published in the EU's official journal. The regulation will enter into force 20 days after publication and apply three years later, in 2027, although some provisions will apply at earlier stages.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024