Quickcheck Cyber Resilience Act [CRA] –
Are you affected?

Take 2 minutes to find out if you, as a manufacturer or distributor, are affected by the Cyber Resilience Act regulations.

What is the Cyber Resilience Act (CRA) about?

The Cyber Resilience Act (CRA) developed by the EU Commission defines standards for the cyber security of connected devices and thus improves the cyber security of products. It does not matter whether the products are connected to the Internet, communicate with each other or via internal interfaces. The CRA applies not only to finished end products, but also to all preliminary products and components. – In other words, all components of the hardware supply chain.
The CRA regulations apply not only to manufacturers of products with digital elements, but also to distributors and importers.

  • Ensure that products with digital elements placed
    on the EU market have less vulnerabilities

  • Remain manufacturers responsible for
    cybersecurity throughout a product’s life cycle

  • Improve transparency on security of hardware
    and software products

  • Better protection for business users and consumers

Which product phases does the Cyber Resilience Act (CRA) impact?

The Cyber Resilience Act requires the establishment of risk-appropriate cybersecurity measures for affected products in the design, development and production phases, as well as during marketing and use.

The types of actions vary depending on criticality.

What´s the tentative timeline?

Cyber Resilience Act - Timeline

What are the main topics?

  • Cybersecurity has to be included in the planning,
    design, development, production, delivery,
    and maintenance process.

  • Conformity assessment –
    differentiated by level of risk

  • Manufacturers must actively report exploited vulnerabilities and incidents

  • Once Sold, you have to make sure  that vulnerabilities are fixed for the expected product lifetime or for a
    timeframe of 5 years (whichever is shorter)

  • Clear and understandable instructions for use of products with digital elements have to be available

  • Security updates must be available for at least 5 years

Inhouse Workshop

Kick start your implementation today. To support you in planning and implementing the necessary measures and to anchor the topic of the
Cyber Resilience Act in your company, we have developed an in-house workshop for you that will prepare you optimally.

Our workshop offer is primarily aimed at German-speaking companies, and therefore takes place in German. – If your company language is English, please contact us.

Let’s talk about implementation

We will be happy to advise you on the implementation of the Cyber Resilience Act, discuss with you in which form you are affected, and support you with our solutions in complying with the requirements.

Please enable JavaScript in your browser to complete this form.