On Tuesday, the Cyber Resilience Act (CRA), a landmark piece of legislation, enters into force. This marks a major leap forward in the EU’s efforts to protect its citizens and businesses from cyber threats. The CRA is the first-ever EU legislation placing mandatory cybersecurity requirements for products that include digital elements.
The Act introduces greater responsibilities on manufacturers to guarantee the security of hardware and software products. Central to the Act are new obligations for manufacturers to provide software updates that fix security vulnerabilities and offer security support to consumers. By enhancing transparency on cyber risks and product security, the Act empowers consumers to make more informed choices about products available on the EU market.
Products will bear the CE marking to indicate that they comply with the regulation’s requirements. The main obligations of the Act will apply from 11 December 2027.
Henna Virkkunen, European Commission Executive Vice-President, said: ”We are committed to making Europe a safe and secure place for our citizens and businesses to operate. This new regulation is a major step forward in ensuring digital products in the EU do not pose cyber risks to EU consumers.”
The Cyber Resilience Act complements the NIS2 cybersecurity framework, which entered into force last year. It is part of a series of comprehensive measures the EU is deploying to bolster the cybersecurity of an increasingly digital and connected Europe.
Source: European Commission
The post Cyber Resilience Act enters into force to make Europe’s cyberspace safer and more secure appeared first on Vastuullisuusuutiset.fi.