{"id":5344,"date":"2024-02-21T17:33:57","date_gmt":"2024-02-21T16:33:57","guid":{"rendered":"https:\/\/www.hwgsababa.com\/cyber-resilience-act\/"},"modified":"2025-10-21T18:14:39","modified_gmt":"2025-10-21T16:14:39","slug":"cyber-resilience-act","status":"publish","type":"post","link":"https:\/\/www.hwgsababa.com\/en\/cyber-resilience-act\/","title":{"rendered":"Cyber Resilience Act: a necessary measure for the security of IoT deviced"},"content":{"rendered":"
[vc_row el_class=”margin_top_30″][vc_column][vc_column_text el_class=”paragrafo”]By 2030, it is estimated that there will be over 29 billion connected devices worldwide (source: Statista<\/a>). Inevitably, these devices will need to be as secure as possible to avoid becoming targets of cybercrime. Through the Cyber Resilience Act<\/strong><\/span>, the European Commission aims to protect European citizens from cyber threats <\/strong><\/span>.<\/p>\n

Introduced in September 2022, the new regulation proposal<\/a> is set to become a reality, establishing new and higher standards standards <\/strong><\/span> for the cybersecurity of IoT devices entering the European market and their associated services, as well as imposing stricter obligations on their manufacturers.<\/p>\n

The Act represents one of the most ambitious attempts to regulate the digital ecosystem at a European level, aligning with the broader EU Digital Strategy and complementing other regulations such as the GDPR and the NIS2 Directive.<\/p>\n

Cyber Resilience Act: Where Did It Come From? <\/strong><\/span><\/h3>\n

The need for legislative action on IoT device security<\/a> stems from the realization that the market is growing. The interconnection between more and more IoT devices will increase the flow of data exchanged, which are also processed by organizations other than those operating within the European Union. Among the consequences of this arrangement is increased costs to combat cybercrime.<\/p>\n

It is estimated that cybercrime already costs the global economy trillions of euros each year, and insecure connected devices are often considered an \u201ceasy entry point\u201d for attackers<\/strong><\/p>\n

With the measure, the European Commission has set four goals:<\/h3>\n
    \n
  • create a common European framework <\/strong><\/span> for cybersecurity governance;<\/li>\n
  • ensure that manufacturers, starting from design and throughout the lifecycle, work to improve the protection of devices and services<\/strong><\/span>;<\/li>\n
  • increase transparency <\/strong><\/span> of cybersecurity practices and technical properties of products and services;<\/li>\n
  • provide consumers and businesses with secure products from the first use<\/strong><\/span>.<\/li>\n<\/ul>\n

    These objectives highlight a clear shift in responsibility: security is no longer only the end-user\u2019s concern but becomes an obligation embedded in the production and distribution chain.<\/p>\n

    The Cyber Resilience Act thus requires manufacturers to manage the issue of information security and technical vulnerabilities of devices<\/strong><\/span> by applying the principle of “privacy-by-design<\/em>” to production processes.<\/p>\n

    In practice, this means that every connected device placed on the EU market will need to respect minimum standards of robustness, patchability, and resistance to known attack techniques. The same measure defines products with digital elements, referring to any type of software or hardware product and related remote data processing solutions, including elements related to such products (even if they are brought to market separately). The definition is generic and is specified by the annexes to the text of the law. It should be pointed out that the Cyber Resilience Act also involves importers of digital products <\/strong><\/span> obliging them to disseminate elements on the market that meet the essential requirements to avert vulnerability risks.<\/p>\n

    In this sense, the regulation also acts as a filter at the borders of the European market, preventing insecure products developed elsewhere from undermining European digital security.<\/p>\n

    Cyber Resilience Act:\u00a0 A Guide for Procedures<\/strong><\/span><\/h3>\n

    Manufacturers are required to verify and declare that products with digital elements<\/em> have an EU mark of conformity (provided for in Article 20 of the Cyber Resilience Act); for distributors, on the other hand, there is only the burden of placing on the market only products that are found to be compliant with the regulations.<\/p>\n

    The measure also extends these obligations to substantial changes that occur over time (upgrades, software repairs, physical maintenance), establishing an assessment of whether these changes affect the product’s compliance with the standards.<\/p>\n

    The Cyber Resilience Act is not only a technical regulation but a cultural step forward: it pushes the entire digital supply chain toward accountability, resilience, and transparency, shaping a safer digital future for Europe.<\/strong>[\/vc_column_text][\/vc_column][\/vc_row]\n<\/div>","protected":false},"excerpt":{"rendered":"

    [vc_row el_class=”margin_top_30″][vc_column][vc_column_text el_class=”paragrafo”]By 2030, it is estimated that there will be over 29 billion connected devices worldwide (source: Statista). Inevitably, these devices will need to be as secure as possible to avoid becoming targets of cybercrime. Through the Cyber Resilience Act, the European Commission aims to protect European citizens from cyber threats . Introduced in…<\/p>\n","protected":false},"author":9,"featured_media":5289,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[66],"post_series":[],"class_list":["post-5344","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-iot","entry","has-media"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts\/5344","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/comments?post=5344"}],"version-history":[{"count":15,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts\/5344\/revisions"}],"predecessor-version":[{"id":269430,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts\/5344\/revisions\/269430"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/media\/5289"}],"wp:attachment":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/media?parent=5344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/categories?post=5344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/tags?post=5344"},{"taxonomy":"post_series","embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/post_series?post=5344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}