Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

EU’s Cyber Resilience Act Advances

December 5, 2023
Reading Time: 2 mins read
in Incidents
EU’s Cyber Resilience Act Advances

The EU’s Cyber Resilience Act (CRA) is on the brink of adoption as the European Parliament and EU Council reached a political agreement. Proposed in September 2022, the CRA imposes security requirements for IoT device manufacturers, marking a sector-agnostic legislative approach. Notably, it mandates manufacturers to report cyber incidents and unpatched vulnerabilities, a pioneering move in transversal law. The legislation necessitates a risk assessment by manufacturers, five-year product support, and a compliance self-assessment. Critical products require security audits.

The agreement, pending formal approval, sets a 36-month adaptation period for affected entities, reinforcing the EU’s digital product security. The Cyber Resilience Act (CRA), proposed by the EU Commission in September 2022, has advanced as the European Parliament and EU Council reached a political agreement. This legislation, unique in its sector-agnostic approach, focuses on bolstering the security of digital products, particularly IoT devices. A key provision mandates manufacturers to report significant cyber incidents and unpatched vulnerabilities, setting a precedent in the regulatory landscape. Manufacturers must conduct a risk assessment and provide at least five years of support for their products. Notably, the CRA introduces a self-assessment option for compliance, with security audits required for critical products. Once adopted, organizations affected by the CRA will have a 36-month adaptation period. The EU Council and Parliament have reached a political agreement on the Cyber Resilience Act (CRA), a groundbreaking legislation proposed in September 2022.

The CRA, designed to enhance the security of digital products, introduces security requirements for manufacturers of connected devices, including IoT devices. A significant aspect of the legislation is the mandate for manufacturers to report serious cyber incidents and actively exploited vulnerabilities. This marks the first instance of such a requirement in a sector-agnostic law. The legislation requires manufacturers to conduct risk assessments, offer a minimum of five years of support, and self-assess compliance, with security audits for critical products. The agreement awaits formal approval and, upon adoption, will initiate a 36-month adaptation period for affected organizations.

The EU’s Cyber Resilience Act (CRA) is poised for adoption, with the European Parliament and EU Council reaching a political agreement. Initially proposed by the EU Commission in September 2022, the CRA targets the security of digital products, introducing sector-agnostic security requirements for connected device manufacturers. Notably, the legislation mandates reporting of serious cyber incidents and unpatched vulnerabilities, a pioneering move in the regulatory landscape. Manufacturers are required to conduct risk assessments, provide a minimum of five years of support, and undergo security audits for critical products. The agreement is pending formal approval, with a 36-month adaptation period envisaged for organizations affected by the CRA.

Reference:

  • European Commission
Tags: 2023AttackersCyber AttacksCyber Incidents 2023cyber-incidentCybersecurityDecember 2023EU
ADVERTISEMENT

Related Posts

Coinbase Insider Attack Exposed User Data

Coinbase Insider Attack Exposed User Data

May 16, 2025
Coinbase Insider Attack Exposed User Data

Hackers Target Swiss Reserve Power Plant

May 16, 2025
Coinbase Insider Attack Exposed User Data

Cyberattack Hits J Batista Group

May 16, 2025
Dior Breach Exposes Asian Customer Data

Dior Breach Exposes Asian Customer Data

May 15, 2025
Dior Breach Exposes Asian Customer Data

Australian Human Rights Body Files Leaked

May 15, 2025
Dior Breach Exposes Asian Customer Data

Nucor Cyberattack Halts Plants Networks

May 15, 2025

Latest Alerts

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Google Patches Chrome Account Takeover Bug

Horabot Malware Targets LatAm Via Phishing

HTTPBot DDoS Threat To Windows Systems

Subscribe to our newsletter

    Latest Incidents

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    Dior Breach Exposes Asian Customer Data

    Australian Human Rights Body Files Leaked

    Nucor Cyberattack Halts Plants Networks

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial