Under the seal of “cyber-resilience”, the European Commission presented, on Thursday, a legislative proposal which would strengthen the computer protection of consumers and businesses in the area.
The European Commission wants to take matters into its own hands in the field of cybersecurity. Brussels unveiled, on September 15, a legislative proposal aimed at making certain IT security requirements mandatory for publishers and manufacturers of digital products and software, in order to better protect consumers in the area. An unprecedented approach on the part of the European institution.
Faced with the state of the threat, the EU wants to introduce cybersecurity from the design of products and software
While a company or organization is the victim of a ransomware attack every 11 seconds worldwide, cybercrime had a staggering cost of 5.5 trillion euros in 2021. Hence the urgency for the European Commission provide EU businesses, organizations and citizens with a high level of cybersecurity and reduce vulnerabilities in digital products, one of the main attack vectors.
Brussels intends to strengthen protection around computers, telephones, cars, household appliances, virtual assistive devices and even toys, which constitute hundreds of millions of connected objects in circulation in the European Union. And each of them can serve as a gateway to a cyberattack “recalls Thierry Breton.
The Commissioner for the Internal Market regrets that ” today, most hardware and software products are not subject to any security requirements “. A sufficient motivation, in the eyes of the European institution, to introduce computer security from the design of products. ” The Cyber Resilience Act will help protect Europe’s economy and everyone’s security “, adds the former minister.
Increased cyber responsibility for manufacturers and sellers
This act had already been announced by the President of the European Commission Ursula von der Leyen a year ago, with the desire to guarantee that digital products – which therefore includes all software -, wireless or wired products, are better secured.
The EU wants to place more accountability on manufacturers and vendors, so that the latter can provide security assistance and software updates to address identified vulnerabilities. To extend the measure, consumers will also have to benefit from sufficient information on the safety of the products and software they buy.
Brussels thus wants to guarantee sufficiently high cybersecurity for products containing digital elements, throughout their entire life cycle. ” Just as we can trust a toy or a fridge with a CE mark, we can, thanks to the Cyber Resilience Act, be sure that the connected objects and software we buy offer strong cybersecurity safeguards. This act will place the responsibility on those who must assume it, i.e. those who place the products on the market. concludes the Executive Vice-President of the Commission, Margrethe Vestager.
The work will be long, but we can welcome this awareness of cyber issues on the part of the Commission, which will now have to federate an entire ecosystem and convince the other European institutions.
Source: Press release
15