Europe is at a critical juncture: The EU wants to amend the Cybersecurity Act (CSA) — this is essential because Europe’s cybersecurity architecture is in danger of collapsing under its own regulatory weight.
By Norbert Pohlmann
The Cyber Resilience Act is a European Union legislative process aimed at increasing the resilience of Europe's digital infrastructure and strengthening the EU's ability to respond to and defend against cyber-attacks. In an increasingly interconnected world, the security of digital systems is crucial to protect the economy and society from potential cyber-attacks. What does the EU Cyber Resilience Act contain? The EU Cyber Resilience Act contains a number of provisions that oblige companies and organizations to take measures to improve cyber security. These include the obligation to draw up risk analyses and emergency plans, the implementation of security measures and the obligation to report security breaches. What is the aim of the Cyber Resilience Act? The aim of the Cyber Resilience Act is to strengthen the EU's resilience to cyber attacks and improve its ability to respond. To this end, minimum requirements for the cyber security of products and services are to be defined in order to ensure their robustness and security. The act also aims to promote cooperation between member states and improve the EU's cybersecurity capabilities and resources. What is the criticism of the Cyber Resilience Act? The Cyber Resilience Act has been criticized since its publication. Some experts have expressed concerns that the Act does not go far enough to improve cyber security in the EU. In particular, the Act is criticized for not including specific measures to improve the security of critical infrastructure or to combat cybercrime. Furthermore, it is criticized that the law does not contain clear rules on how companies should respond to cyber attacks. Some experts argue that the act is too general and does not provide sufficient protection for EU citizens.
