News item | 7/19/2023 | 12:17
EU countries reached a negotiating mandate today in Brussels on the Cyber Resilience Act. The Cyber Resilience Act is legislation that ensures that digital products, including all hardware, software and components, meet essential cybersecurity requirements before they are placed on the European market. Manufacturers are required to provide free security updates and to report digital vulnerabilities and incidents. This means that both consumers and business users in the European Union (EU) can rely on secure digital products.
The Dutch cabinet has actively advocated for this legislation. The Cyber Resilience Act is an important part of the government’s approach to making digital products and services safer for everyone.
According to Minister Adriaansens (Economic Affairs and Climate), the amended legal text has been further improved compared to the original proposal of the European Commission. For example, in the amended legal text, the support period for security updates is equal to the lifespan that consumers and companies can reasonably expect from the product, instead of the maximum period of five years proposed by the European Commission. Measures are also included to support small and micro-enterprises in complying with the legislation. Simplified formats for technical documentation, training and awareness initiatives are now part of the proposal.
According to the cabinet, European consumers and business users can benefit from the Cyber Resilience Act trust that the hardware and software they use in the future will be more secure. This autumn, the Spanish presidency of the Council of the EU will negotiate with the European Parliament on behalf of the member states on the final legal text.