Due to the expansion of services in the digital sector and the increasing dependence on digital products, cyber risk has risen significantly. Even though security measures are constantly being adapted to these new challenges, criminal efforts are becoming more sophisticated and more digital. Therefore, a high level of Cyber Resilience is a basic prerequisite for the smooth functioning of highly digitalized processes, networked products and services. Manufacturers and operators must protect all their products and software from an ever-expanding threat landscape -which is where the Cyber Resilience Act (CRA) comes into play. It will introduce cyber security requirements for all product categories based on the principles of the New Legislative Framework.
Bitkom generally welcomes the EU Commission's draft for the Cyber Resilience Act (CRA) to create a more efficient legal framework for cybersecurity through the introduction of legislation on horizontal requirements. Nevertheless, we see some important aspects which should be optimized and clarified during the legislative process. To that end we have formulated some specific amendments in our latest position paper.
This is the most current version of this paper, find the older version at the bottom of the page.