Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

EU’s Cyber Resilience Act Advances

December 5, 2023
Reading Time: 2 mins read
in Incidents
EU’s Cyber Resilience Act Advances

The EU’s Cyber Resilience Act (CRA) is on the brink of adoption as the European Parliament and EU Council reached a political agreement. Proposed in September 2022, the CRA imposes security requirements for IoT device manufacturers, marking a sector-agnostic legislative approach. Notably, it mandates manufacturers to report cyber incidents and unpatched vulnerabilities, a pioneering move in transversal law. The legislation necessitates a risk assessment by manufacturers, five-year product support, and a compliance self-assessment. Critical products require security audits.

The agreement, pending formal approval, sets a 36-month adaptation period for affected entities, reinforcing the EU’s digital product security. The Cyber Resilience Act (CRA), proposed by the EU Commission in September 2022, has advanced as the European Parliament and EU Council reached a political agreement. This legislation, unique in its sector-agnostic approach, focuses on bolstering the security of digital products, particularly IoT devices. A key provision mandates manufacturers to report significant cyber incidents and unpatched vulnerabilities, setting a precedent in the regulatory landscape. Manufacturers must conduct a risk assessment and provide at least five years of support for their products. Notably, the CRA introduces a self-assessment option for compliance, with security audits required for critical products. Once adopted, organizations affected by the CRA will have a 36-month adaptation period. The EU Council and Parliament have reached a political agreement on the Cyber Resilience Act (CRA), a groundbreaking legislation proposed in September 2022.

The CRA, designed to enhance the security of digital products, introduces security requirements for manufacturers of connected devices, including IoT devices. A significant aspect of the legislation is the mandate for manufacturers to report serious cyber incidents and actively exploited vulnerabilities. This marks the first instance of such a requirement in a sector-agnostic law. The legislation requires manufacturers to conduct risk assessments, offer a minimum of five years of support, and self-assess compliance, with security audits for critical products. The agreement awaits formal approval and, upon adoption, will initiate a 36-month adaptation period for affected organizations.

The EU’s Cyber Resilience Act (CRA) is poised for adoption, with the European Parliament and EU Council reaching a political agreement. Initially proposed by the EU Commission in September 2022, the CRA targets the security of digital products, introducing sector-agnostic security requirements for connected device manufacturers. Notably, the legislation mandates reporting of serious cyber incidents and unpatched vulnerabilities, a pioneering move in the regulatory landscape. Manufacturers are required to conduct risk assessments, provide a minimum of five years of support, and undergo security audits for critical products. The agreement is pending formal approval, with a 36-month adaptation period envisaged for organizations affected by the CRA.

Reference:

  • European Commission
Tags: 2023AttackersCyber AttacksCyber Incidents 2023cyber-incidentCybersecurityDecember 2023EU
ADVERTISEMENT

Related Posts

Nervos Bridge Paused After $3.9 Million Hack

Ukraine GUR Claims Tupolev Data Theft Hack

June 5, 2025
Nervos Bridge Paused After $3.9 Million Hack

KiranaPro Startup Hacked All Data Wiped

June 5, 2025
Nervos Bridge Paused After $3.9 Million Hack

Nervos Bridge Paused After $3.9 Million Hack

June 5, 2025
BitoPro Loses $11.5M In DeFi Hack Wave

Malaysia Home Minister WhatsApp Breached

June 4, 2025
BitoPro Loses $11.5M In DeFi Hack Wave

BitoPro Loses $11.5M In DeFi Hack Wave

June 4, 2025
BitoPro Loses $11.5M In DeFi Hack Wave

MainStreet Bank Faces Vendor Data Breach

June 4, 2025

Latest Alerts

FBI Warns Hedera NFT Airdrop Crypto Scam

New Chaos RAT Variant Hits Windows and Linux

UNC6040 Vishing Group Target Salesforce Data

Bogus CAPTCHA Lures Install NetSupport RAT

Crocodilus Trojan Steals Crypto Globally

Fake RubyGems Steal Telegram Bot Tokens

Subscribe to our newsletter

    Latest Incidents

    KiranaPro Startup Hacked All Data Wiped

    Nervos Bridge Paused After $3.9 Million Hack

    Ukraine GUR Claims Tupolev Data Theft Hack

    Malaysia Home Minister WhatsApp Breached

    MainStreet Bank Faces Vendor Data Breach

    BitoPro Loses $11.5M In DeFi Hack Wave

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial