In September 2022 the European Commission published their proposal for the so called Cyber Resilience Act. The ambitious piece of legislation aims at raising the overall resilience level of products regarding cybersecurity in the European Single Market. It closely follows the approach of the New Legislative Framework (NLF), therefore using the proven European Framework for Placing products on the market and following the line of thought and the position, which ZVEI hold for quite some time: the need of a horizontal product regulation within the NLF. But the scope of the regulatory project and its requirements are also very extensive and complex, so that some improvements would be necessary to ensure its successful implementation.
ZVEI has summarised its view on the most important aspects and corresponding proposals for solutions in this position paper; an initial overview can also be found in the two-page core issues paper.