What is it about?
The CRA contains requirements for the cybersecurity of products with digital elements. The implementation of these requirements will be ensured through market surveillance and significant threats of sanctions.
The CRA contains requirements for the cybersecurity of products with digital elements. The implementation of these requirements will be ensured through market surveillance and significant threats of sanctions.
In September 2022, the EU Commission published the proposal for a corresponding regulation. This is the first step in the EU's procedure for enacting the Cyber Resilience Act. The regulations of the CRA are to become applicable 24 months after its entry into force, but certain information obligations already after 12 months.
The requirements for products with digital elements and the processes for dealing with vulnerabilities do not only affect product manufacturers. Importers and distributors are also subject to certain investigation and verification obligations. There are no company size-related exceptions. However, manufacturers of medical devices and vehicle safety systems are exempt from the CRA.
The CRA covers a wide range of requirements for "products with digital elements". These are all software and hardware products as well as "remote" data processing solutions without which an intended function of the respective product with digital elements could not be carried out. The requirements include, among others
SKW Schwarz is ideally positioned to help companies comply with the expected requirements of the CRA. These include: