Members' Research Service By / December 16, 2022

EU cyber-resilience act [EU Legislation in Progress]

According to one industry forecast, the total number of internet of things (IoT) connected devices worldwide is set to more than double from 14.6 billion in 2022 to 30.2 billion by 2030.

© Artur / Adobe Stock

Written by Polona Car and Stefano De Luca (2nd edition, updated on 10.05.2023).

New technologies come with new risks, and the impact of cyber-attacks through digital products has increased dramatically in recent years. Increasingly, consumers have fallen victim to security flaws linked to digital products such as baby monitors, robo-vacuum cleaners, Wi-Fi routers and alarm systems. For businesses, the importance of ensuring that digital products in the supply chain are secure has become pivotal, considering three in five vendors have already lost money owing to product security gaps.

The European Commission’s proposal for a regulation, the ‘cyber-resilience act’ therefore aims to impose cybersecurity obligations on all products with digital elements whose intended and foreseeable use includes direct or indirect data connection to a device or network. The proposal introduces cybersecurity by design and by default principles and imposes a duty of care for the life cycle of products.

The Council and Parliament are currently working on defining their respective positions.


Horizontal cybersecurity requirements for products with digital elements
Committee responsible:Committee on Industry, Research and Energy (ITRE)COM(2022)454
Rapporteur:Nicola Danti (Renew, Italy)2022/0272(COD)
Shadow rapporteurs:Henna Virkkunen (EPP, Finland)
Beatrice Covassi (S&D, Italy)
Ignazio Corrao (Greens/EFA, Italy)
Matteo Gazzini (ID, Italy)
Evžen Tošenovský (ECR, Czechia)
Marc Botenga (GUE/NGL, Belgium)
Ordinary legislative procedure (COD)
(Parliament and Council on equal footing
– formerly ‘co-decision’)
Next steps expected: Vote in committee on draft report
EU Legislation in progress timeline

Related Articles

Be the first to write a comment.

Leave a Reply