Access Alert: European Institutions reach trilogue agreement on Cyber Resilience Act

Access Alert: European Institutions reach trilogue agreement on Cyber Resilience Act

Co-legislators in the EU institutions reached a trilogue agreement on the proposal for a Cyber Resilience Act following a late-night meeting on Thursday 30 November. The proposed regulation introduces horizontal cybersecurity requirements for products with digital elements to prevent cyber vulnerabilities on the market. These requirements include vulnerability reporting, keeping security updates available, and ensuring supply chain security.

The newly agreed text clarifies that manufacturers of digital products will need to provide security support for five years and keep updates publicly available for ten years, as well as conduct a risk assessment that will inform which security requirements are applicable to their product. The reporting requirements are a key change from previous drafts to the new dual approach in the agreed text. Manufacturers must inform the EU Cybersecurity Agency (ENISA) in addition to Member State authorities via a single reporting platform, reflecting the deal struck between the European Parliament and Council to resolve the conflict of competence.

The text will be now formally approved in the European Parliament and Council, after which it will be published in the EU Official Journal and passed into law. Requirements under the legislation will begin to apply in early 2027.

Cyber-attacks are among the fastest-growing forms of crime worldwide in terms of scale, cost, and sophistication. New regulations like the Cyber Resilience Act drive organisations to address their compliance roadmap and optimise their cybersecurity awareness. If you are interested in learning more about EU cybersecurity policy, please contact Mark Smitham at [email protected] or Rory Gilliland at [email protected].

Related Articles

旅客輸送サービスの現状調査:人口減少下の課題と展望

旅客輸送サービスの現状調査:人口減少下の課題と展望

Read the content in English 著者: Abhineet Kaul (Access Partnership), Swee Cheng Wei (Access Partnership), Chailyn Ong (Access Partnership) アドバイザー:...

30 Aug 2024 General
Passenger Transportation in Japan: Challenges and outlook with ongoing societal changes in less connected areas

Passenger Transportation in Japan: Challenges and outlook with ongoing societal changes in less connected areas

投稿を日本語で読む Authors: Abhineet Kaul (Access Partnership), Swee Cheng Wei (Access Partnership), Chailyn Ong (Access Partnership) Advisors: Dr. Tomoaki Watanabe (GLOCOM),...

30 Aug 2024 General
Access Alert: Update on Mexico’s Regulatory Reforms: What You Need to Know

Access Alert: Update on Mexico’s Regulatory Reforms: What You Need to Know

In recent developments, Mexico is moving forward with a constitutional reform aimed at dissolving several key autonomous agencies, including the...

28 Aug 2024 General
APEC Third Senior Officials’ Meeting 2024: 6 Insights from Digital Week

APEC Third Senior Officials’ Meeting 2024: 6 Insights from Digital Week

The Third Senior Officials’ Meeting (SOM3) of APEC 2024 brought together leaders and experts to address some of the most...

27 Aug 2024 Opinion