Cyber resilience: EU measures and who they affect

Higher cyber resilience only succeeds with secure products

In September 2022, the European Commission published a proposal for new regulation on cyber resilience. The Cyber Resilience Act defines a set of measurements for the security of software programs and applications as a kind of precautionary measure against the growing number of cybersecurity attacks. While it is still up for debate which software applications the Act will cover, providing more secure hardware and software products seems to be a priority.

With the proposal, which also establishes its own cybersecurity strategy, the European Union aims to counter the increasing cyber-attacks with the Covid-19 pandemic. For this, both companies and individual actors have a big job to do, as this regulation will be applicable to all products that are directly or indirectly connected to another device or a network to achieve higher cyber resilience.

It is observed that cyber attacks mostly occur when applications do not perform security-related updates or when users cannot access or understand information about applications with adequate cyber security measures. Therefore the proposal aims to:

ensure that manufacturers improve the security of products with digital elements including the design and development phase and throughout the whole life cycle

ensure a coherent cybersecurity framework, facilitating compliance for hardware and software producers

enhance the transparency of security properties of products with digital elements

enable businesses and consumers to use products with digital elements securely

For whom is the call for greater cyber resilience relevant?

The Cyber Resilience Act aims to bring hardware and software products to market with fewer vulnerabilities. Therefore, two categories of products to which the policy applies are highlighted. These are browsers, antiviruses, password managers, VPNs, firewalls as well as desktop and mobile devices, robotic sensors, virtualized operating systems, identified in the report as high-risk groups.

The European Commission requires manufacturers to conduct regular security tests on their products and to develop defense mechanisms against vulnerabilities. In this way, the protection against the dangers of cyber attacks is supposed to increase.

Until 2030, when the goal of completing the digital transformation will have to be achieved, the IT business is in for a very exciting time. Software that has already been developed taking precautions against cyber attacks and a strong security strategy in mind is one step closer to the European Union's goal. Others had better start developing products on the basis of a decisive security strategy before the cyber resilience target is reached.

An Action Towards Cyber Resilience From EU

Higher cyber resilience only succeeds with secure products

For whom is the call for greater cyber resilience relevant?

Per-App-VPN:

Secure Mail:

Messenger:

Files: