All products with digital elements that are either directly or indirectly connected to another device or network, such as advanced home assistants but also industrial utilities will soon be covered by EU-wide mandatory cybersecurity requirements through the Cyber Resilience Act, endorsed today in the Committee on Industry, Research and Energy (ITRE).
The Cyber Resilience Act, developed under the leadership of Renew Europe, will decrease the number of cybersecurity incidents and enhance transparency. It will safeguard consumers and businesses’ cybersecurity and increase trust in digital products on the European market while at the same time leaving the manufacturers to operate competitively.
The new rules puts the responsibility to comply with the rules on those who put the product on the EU market while market surveillance authorities established by each Member State are set to monitor compliance and fine those companies not abiding with the rules. With many products being produced outside of the EU, this new piece of legislation is hoped to become the international point of reference for the cybersecurity of connected devices.
MEP Nicola Danti (Italia Viva, Italy), Renew Europe Vice-President and who lead the inter-institutional negotiations on the Cyber Resilience Act, says:
"Cybersecurity needs to become a priority for industry and consumers alike. With the Cyber Resilience Act, connected products will be more cyber secure, vulnerabilities will get fixed and cyber threats to our citizens will be minimised. Europe needs to create a culture of cybersecurity and invest in cyber competences and skills: with this Regulation, we will be better prepared to defend ourselves from ever-increasing cyberattacks."
Morten Løkkegaard (Venstre/Denmark), Renew Europe Vice-President and rapporteur of the parts related to the Committee on the Internal Market and Consumer Protection, says:
“We are fighting an intensifying war in cyberspace. This legislative proposal will protect citizens and businesses in the EU by upgrading security for products connected to the internet. However, we also have to boost innovation and protect start-ups and SMEs from unnecessary administrative burdens. Among other things, we emphasize the need for regulatory sandboxes in Member States to let innovation flourish. It is vital for European businesses that we ensure their security – and their global competitiveness and future innovation.”