Cyber threats: Europe agrees on rules to protect smart devices

EU countries and EU lawmakers have agreed on rules to protect laptops, fridges, mobile apps, and smart devices connected to the internet from cyber threats following a spate of such attacks and ransom demands in recent years around the world.

Proposed by the European Commission in September last year, the Cyber Resilience Act will apply to all products connected either directly or indirectly to another device or a network.

It sets out cybersecurity requirements for the design, development, production, and sale of hardware and software products.

“Connected devices need a basic level of cybersecurity when sold in the EU, ensuring that businesses and consumers are properly protected against cyber threats,” Jose Luis Escriva, Spanish minister of digital transformation, said in a statement.

Also Read: Senate laments cyber threats to Digital Economy

Manufacturers will have to assess the cybersecurity risks of their products, provide declarations of conformity, and take appropriate action to fix problems during the expected lifetime of the product or for a period of at least five years.

They must be more transparent about the security of hardware and software products for consumers and business users and report cyber incidents to national authorities. Importers and distributors will have to verify that products conform to EU rules.

The Commission has said the cybersecurity rules could save companies as much as 290 billion euros ($316 billion) annually versus compliance costs of about 29 billion euros.