EU Cyber Resilience Act: What to watch out for now
The EU Commission's Cyber Resilience Act aims to increase the security level of connected devices by making manufacturers, importers, and distributors responsible for creating secure devices and maintaining that level of security throughout the product's life-cycle. The act is a response to the widespread low level of cybersecurity of connected devices and the increasing threat landscape, which caused global annual costs of more than EUR 5.5 trillion in 2021. The regulation mandates the implementation of mature cybersecurity processes, a reporting obligation for actively exploited vulnerabilities, a duty to monitor and mitigate vulnerabilities during the expected product lifecycle, and an obligation to publish security information and how to securely install and operate devices. In the future, manufacturers and distributors must inform ENISA, the European Union Agency for Cyber Security, within 24 hours when a security vulnerability is exploited. ONEKEY offers a Real-Time Monitoring service to help customers stay compliant with the Cyber Resilience Act by receiving immediate notifications of security vulnerabilities and incidents and offering automatic notification to ENISA. Local market surveillance authorities in each member state will be responsible for implementing and enforcing the directive.
Further readingExhibitor: ONEKEY GmbH