Renew Europe led Cyber Resilience Act to become new international point on reference on cybersecurity

Renew Europe continues to lead the digitalisation of the EU single market and setting new international points of reference on cybersecurity. Through the hard work of MEP Nicola Danti (Italia Viva/Italy) Renew Europe Vice-President, rapporteur on the Cyber Resilience Act and member of the Committee on Industry, Research and Energy, an inter-institutional agreement was reached on Thursday night on this legislative file.

MEP Nicola Danti says:

“The Cyber Resilience Act will strengthen the cybersecurity of connected products, tackling vulnerabilities in hardware and software alike, making the EU a safer and more resilient continent. The Parliament has protected supply chains ensuring that key products such as routers and antiviruses are identified as priority for cybersecurity. We have ensured support for micro and small enterprises and better involvement of stakeholders and addressed the concerns of the open-source community, while keeping an ambitious European dimension. Only together will we be able to tackle successfully the cybersecurity emergency that awaits us in the coming years.”

MEP Morten Løkkegaard (Venstre/Denmark), Renew Europe Vice President and rapporteur of the parts related to the Committee on the Internal Market and Consumer Protection says:

"Cyber security needs to be a top priority throughout Europe. The Russian aggression against Ukraine has emphasized the urgent need to reinforce our defences and improve the detection and sharing of potential threats. This legislation is a necessary step to ensure stronger protection of our citizens and businesses. I am pleased that we managed to secure more flexibility for manufacturers, compared to the initial proposal, while still strengthening the security level. Additionally, we ensure future innovation with special considerations for specific open-source projects and realistic demands for manufacturers."

The Cyber Resilience Act covers all products with digital elements that either are directly or indirectly connected to other devices or networks, making it mandatory for them to meet EU-wide cybersecurity requirements. During the negotiations, Renew Europe has among other things secured a more proportionate approach for open-source developers, ambitious but realistic obligations on manufacturers when it comes to setting the support period, a European approach to vulnerability reporting and to market surveillance, and specific support measures for micro and SMEs, including simplified documentation requirements.