EU Cyber Resilience Act: Key Obligations for Digital Products

Hunton Andrews Kurth’s Privacy and Cybersecurity

Email

212 309 1223 direct

Bio and Articles

Find Your Next Job !

Chief Operating Officer / Business Manager
On Balance Search Consultants

Commercial Real Estate Transactional Attorney / Real Estate Lawyer
On Balance Search Consultants

Litigation Legal Support Specialist
Greenberg Traurig, LLP

Trusts & Estates Attorney / Estate Planning Lawyer
On Balance Search Consultants

Legal Support Specialist
Greenberg Traurig, LLP

Litigation Paralegal
Greenberg Traurig, LLP

Trusts & Estates Partner / Senior Attorney
On Balance Search Consultants

Explore More Job Openings

Cyber Resilience Act Published in the Official Journal of the EU

by: Hunton Andrews Kurth’s Privacy and Cybersecurity of Hunton Andrews Kurth - Privacy and Information Security Law Blog-Hunton Andrews Kurth

Thursday, November 21, 2024

Print Mail Download info_icon_img

/>i

On November 20, 2024, Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements (the “Cyber Resilience Act”) was published in the Official Journal of the EU.

The Cyber Resilience Act regulates cybersecurity issues in the design, development, production, manufacturing, and making available on the market, of hardware and software products that are connected, directly or indirectly, to another device or to a network (such as connected home cameras, fridges, TVs, toys and other IoT products). Read our detailed analysis of the applicable obligations for entities under the scope of the Cyber Resilience Act. As an EU regulation, the Cybersecurity Resilience Act will apply directly in all EU Member States.

The majority of the provisions under the Cyber Resilience Act will apply from December 11, 2027. However, there are some exceptions which will become applicable on September 11, 2026, including the rules on incident reporting.

Read the Cyber Resilience Act.