In a bid to bolster the security of digital products like smart TVs, home cameras, connected toys, and smart fridges before they hit the market, representatives from EU member states have agreed on a shared position regarding the proposed Cyber Resilience Act. This legislation lays down broad cybersecurity requirements for products with digital components.
The State Secretary for Digitalisation and Artificial Intelligence, Carme Artigas Brugal, hailed this development as a significant milestone in advancing the EU’s commitment towards a secure digital single market. She stressed the need for IoT and other connected devices to meet basic cybersecurity standards, thereby offering effective protection for businesses and consumers against cyber threats.
This draft regulation establishes compulsory cybersecurity requirements for the design, development, and production of hardware and software products. The goal is to prevent any overlapping requirements that might arise from differing legislation in EU member states. It will apply broadly to any products that connect directly or indirectly to another device or network, with some exceptions for products already covered under existing EU rules such as medical devices, aviation, or cars.