Contact
QR code for the current URL

Story Box-ID: 1198507

TÜV Rheinland Am Grauen Stein 51105 Köln, Germany http://www.tuv.com
Contact Mr Alexander Schneider +49 221 8065210
Company logo of TÜV Rheinland

TÜV Rheinland on Cyber Resilience Act: Requirements now clearer

(PresseBox) (Cologne, )
Cyber Resilience Act (CRA): EU Cybersecurity Agency clarifies important questions on the application of standards / Ongoing cybersecurity risk assessment for networked products required in future / Early preparation possible and important for companies / www.tuv.com

A new publication from the European Union Agency for Cybersecurity (ENISA) provides more clarity on basic cybersecurity requirements and the standards that can be applied under the Cyber Resilience Act. “The new paper provides insights into the standardization process under the Cyber Resilience Act for the first time. ENISA provides a helpful overview of the proposed requirements and their implementation in harmonized standards,” explains Felix Brombach, cybersecurity expert at TÜV Rheinland.

“Security by design” required

The background to this is the Cyber Resilience Act (CRA), which the EU Parliament passed in March 2024. The aim of the CRA is to improve the cyber security of products that can be connected to each other or to the internet. This applies to products for end consumers as well as products that companies use in their production, for example. The CRA incorporates the principle of “security by design” into European technology law for the first time. In future, it will no longer be sufficient to ensure CRA compliance for a product with digital elements only at the time of market entry, but an ongoing assessment of the risk will be necessary.

The Cyber Resilience Act is relevant for all companies that manufacture such products or use them in their production. Until now, however, companies have lacked a lot of information on the basic requirements of the CRA in order to prepare for it today. “The paper and the 'guard rails' described in it now make it possible to analyze whether your own digitally networked products are likely to already meet the standards required by the CRA. The first possible adjustments to your own production and development processes are now also becoming tangible,” says cybersecurity expert Brombach.

Recognizing gaps in good time

According to the cybersecurity experts at TÜV Rheinland, companies should address the internationally recognized standards set out in the paper as soon as possible and secure their products accordingly. “Companies can already achieve a level of security today that corresponds to the CRA – or identify gaps in good time,” continues Brombach. The CRA is due to come into force within 24 months of its adoption by the European Council. As the CRA is a regulation, it applies directly in all European member states; a national transposition act is not required.

The ENISA paper can be found at: Cyber Resilience Act Requirements Standards Mapping - ENISA.

Website Promotion

Website Promotion

TÜV Rheinland

Safety and quality in almost all areas of business and life: That’s what TÜV Rheinland stands for. The company has been active for more than 150 years and is one of the world’s leading testing service providers. TÜV Rheinland has more than 22,000 employees in over 50 countries and generates annual sales of more than 2.4 billion euros. TÜV Rheinland’s highly qualified experts test technical systems and products around the globe, accompany innovations in technology and business, train people in numerous professions and certify management systems according to international standards. In this way, the independent experts ensure trust along global flows of goods and value chains. Since 2006, TÜV Rheinland has been a member of the United Nations Global Compact for more sustainability and against corruption. Website: www.tuv.com

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.