EU proposes new Cyber Resilience Act

BRUSSELS, Sept. 15– The European Commission presented on Thursday a proposal for Cyber Resilience Act, a new European Union law aiming at guaranteeing cyber security in connected devices and software sold on the single market. “The Cyber Resilience Act will ensure the connected objects and software we buy comply with strong cybersecurity safeguards,”…

BRUSSELS, Sept. 15 (Xinhua) — The European Commission presented on Thursday a proposal for Cyber Resilience Act (CRA), a new European Union (EU) law aiming at guaranteeing cyber security in connected devices and software sold on the single market.

“The Cyber Resilience Act will ensure the connected objects and software we buy comply with strong cybersecurity safeguards,” Margrethe Vestager, executive vice president of the European Commission for a Europe fit for the digital age, said.

“Computers, phones, household appliances, virtual assistance devices, cars, toys… each and every one of these hundreds of millions of connected products is a potential entry point for a cyberattack. And yet, today most of the hardware and software products are not subject to any cyber security obligations,” European Commissioner for the Internal Market Thierry Breton explained.

Based on the principle of “security by design,” the new law will address three areas of action to ensure the safety of users: cyber security will become mandatory; the manufacturer will remain responsible for their product’s cyber security throughout its life cycle; and consumers will be better informed about these parameters while choosing a product with digital elements.

Producers will be able to self-assess 90 percent of their products. These include photo editing, word processing, smart speakers, hard drives and games.

The remaining 10 percent — critical products such as password managers, firewalls, operating systems, microcontrollers and industrial firewalls –will be assessed by a third party.

The CRA will be enforced through a progressive set of measures, according to Breton. The Commission will first ask the producer to comply with the CRA, then the product will either be recalled or permanently withdrawn, and finally a fine equivalent to 2 to 5 percent of the company’s global turnover will be applied.

The Commission’s proposal for the CRA will now be examined by the European Parliament and the Council. If adopted, EU member states and companies will have two years to transpose the regulation into national law. Enditem

ANA NEWS WIRE Disclaimer:
The African News Agency (ANA) is a news wire service and therefore subscribes to the highest standards of journalism as it relates to accuracy, fairness and impartiality.
ANA strives to provide accurate, well sourced and reliable information across Text, Images and Video. Where errors do appear, ANA will seek to correct these timeously and transparently.
The ANA platform also contains news and information from third party sources. ANA has sought to procure reliable content from trusted news sources but cannot be held responsible for the accuracy and opinions provided by such sources on the ANA platform or linked sites.
The content provided for on the ANA News Wire platform, both through the ANA news operation and via its third party sources, are for the sole use of authorised subscribers and partners. Unauthorised access to and usage of ANA content will be subject to legal steps. ANA reserves its rights in this regard.
ANA makes every effort to ensure that the website is up and running smoothly at all times, however ANA does not take responsibility for, and will not be held liable for times when the website is temporarily unavailable due to technical issues that are beyond our control.