Due to the expansion of services in the digital sector and the increasing dependence on digital products, cyber risk has risen significantly. Even though security measures are constantly being adapted to these new challenges, criminal efforts are becoming more sophisticated and more digital. Therefore, a high level of Cyber Resilience is a basic prerequisite for the smooth functioning of highly digitalized processes, networked products and services. Manufacturers and operators must protect all their products and software from an ever-expanding threat landscape -which is where the Cyber Resilience Act (CRA) comes into play. It will introduce cyber security requirements for all product categories based on the principles of the New Legislative Framework.
Bitkom generally welcomes the EU Commission's draft for the Cyber Resilience Act (CRA) to create a more efficient legal framework for cybersecurity through the introduction of legislation on horizontal requirements. Nevertheless, we see some important aspects which should be optimized and clarified during the legislative process.