Cyber Resilience Act

The European Commission has presented a proposal for a new law on cyber security, called the Cyber Resilience Act, which aims to protect consumers and businesses from products with insufficient security features. The law, which is the first of its kind in the EU, introduces mandatory cybersecurity requirements for products with digital elements, throughout their life cycle. This means that manufacturers must offer security support and software updates to fix identified vulnerabilities, and that consumers must be adequately informed about the cyber security of the products they buy and use.

The law is part of the EU's cybersecurity strategy from 2020 and aims to strengthen Europe's economy and collective security. It will also help to create a common market for cyber security in the EU, by introducing a European certification system for IT products, services and processes. Companies doing business in the EU will benefit from only having to certify their IT products, processes and services once and see their certificates recognized throughout the EU.

It is important for companies to manage these new IT security rules as they will increase their competitiveness, trust and responsibility in the market. They will also reduce the risk of cyber attacks and crises that could harm their business, customers and employees. By complying with the new rules, companies will contribute to creating a more resilient and secure digital Europe.