Published the Cyber Resilience Act, setting unified cybersecurity standards for digital products across the EU Market
The Cyber Resilience Regulation —Regulation (EU) 2024/2847 of the European Parliament and of the Council— was published today in the Official Journal of the European Union (OJEU), thereby concluding the legislative process for approving this regulation, which has been ongoing since mid-2022 following the European Commission’s proposal.
Key Aspects
- Manufacturers must integrate security measures from the design phase and ensure CE marking;
- Importers and distributors are responsible for verifying product cybersecurity standards;
- Timely reporting of vulnerabilities and incidents is mandatory for manufacturers;
- Significant penalties are imposed for noncompliance, with exemptions for small enterprises.