FERMA provides feedback to the European Commission on its proposed Cyber Resilience Act

 

 

FERMA believes the Cyber Resilience Act (the CRA) will improve cybersecurity in the EU but also sees problems arising in the areas of obligations and fines.

The European Commission’s proposed regulation, the CRA, aims to impose cybersecurity requirements on all products ‘with digital elements’. In other words, the CRA aspires to introduce a need for ‘cybersecurity by design’.

Further, the proposed CRA would impose a duty of care for the life cycle of products and will also introduce fines for non-compliance. It purports to do for cyber security what GDPR has done for data privacy.

In FERMA’s feedback to the European Commission, we emphasised two main concerns:

  1. The obligations on manufacturers, distributors and importers are extensive and the reality with digital products is that it is often infeasible to evidence 100% full compliance; and,
  2. The introduction of fines for non-compliance may have a variety of unintended consequences, such as stifling innovation or disincentivising investment.

FERMA, as the representative body of the risk profession at EU-level, is happy to see such a strong focus on risk assessment and risk management throughout the requirements in the CRA.

There are, however, a vast number of regulations in the digital sphere, which when looked at on the whole comprise a complex regulatory landscape.

FERMA will therefore seek to inform its Members and network on the evolving needs and requirements concerning cyber resilience.

Contact: Charles.low@ferma.eu

Tags: digital

Share with others

Subscribe to our newsletter

* indicates required
Interests

By subscribing to our newsletter, you agree that we may process your information in accordance with our Privacy policy.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at enquiries@ferma.eu.

We use MailChimp as our marketing platform. By subscribing to our newsletter, you acknowledge that your information will be transferred to MailChimp for processing. Learn more about MailChimp’s privacy practices here.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.