The European Union (EU) is poised to implement a new regulation aimed at bolstering cybersecurity across a wide range of products. The Cyber Resilience Act (CRA), currently in its final stages of approval, will introduce stricter requirements for manufacturers of products with digital elements.

What the Latest Draft Says

Article 69(2) of the latest draft, recently voted on by the European Parliament, clarifies the applicability of the CRA to existing products. It states that products placed on the market before the 36th month following the regulation’s entry into force will only be subject to the CRA’s requirements if they undergo substantial modifications after that date.

Legislative Process and Timeline

The CRA is currently undergoing the final stages of the EU legislative process. Following the Parliament’s vote, the Council of the European Union will review the draft. If approved, the Regulation is expected to be adopted soon and enter into force within six months. This means manufacturers can anticipate the CRA becoming enforceable before summer 2024.

What This Means for Manufacturers

With the CRA’s imminent arrival, manufacturers need to be prepared. The new regulation will apply to any products with digital elements placed on the market after the enforcement date. This includes a wide range of goods, from connected appliances and toys to machinery and medical devices.

Manufacturers will be responsible for ensuring their products comply with the CRA’s cybersecurity requirements. These requirements are likely to focus on aspects such as:

• Secure design and development practices
• Vulnerability management processes
• Patching and update provisions
• Incident reporting procedures

Taking Action Now

While existing products with minimal modifications may be exempt, it’s crucial for manufacturers to start familiarizing themselves with the CRA’s provisions. Proactive companies can begin assessing their product lifecycles and development processes to ensure compliance with the new regulations.

Get Your Free CRA Assessment

We understand that navigating complex regulations can be challenging. To help manufacturers prepare for the CRA, we are offering a free CRA assessment. This assessment will help you identify potential gaps in your current practices and provide guidance on achieving compliance.

Stay informed and ensure your products meet the future of cybersecurity standards. 

Contact us today to schedule your free CRA assessment.