The European Union has taken decisive action to address cybersecurity issues by introducing new regulations like the Radio Equipment Directive (RED) and the Cyber Resilience Act (CRA). We are proud to be supported by the European Union in developing our innovative technology further.

The goal is to develop a product prototype that is easy to use and allows users to self-assess their product’s compliance with the security standards and regulations. The grant empowers us to further our mission of protecting customers and society from cyber incidents by making IoT cybersecurity testing easy and automated. 

The world of connected devices is booming, and the critical need for robust cybersecurity comes with it.  Two key players in this arena are EN 18031 (Radio Equipment Directive (RED)) and the EU Cyber Resilience Act (CRA).  While both aim to improve the security of our digital lives, they approach the challenge from different angles.  Let's break down the key differences and explore how they relate.

Tackling vulnerabilities is at the top of the CRA’s priority list. Device manufacturers and developers will need to offer customers support for the expected product lifetime or five years, whichever is shorter. During that period manufacturers are obliged to address and correct security flaws promptly.

In this post, we focus on EU Cyber Resilience Act’s essential security requirements.

The Cyber Resilience Act (CRA) is a groundbreaking piece of legislation designed to enhance the cybersecurity of digital products and services made available in the EU. The CRA will enter into force on December 10^th, 2024

Cyber Resilience Act obligations for IoT manufacturers, importers, and distributors