EU Enacts Comprehensive Cyber Security Rules to Safeguard IoT Devices and Open Source Developers

December 4, 2023 at 06:01 AM

•

1 min read

EU Enacts Comprehensive Cyber Security Rules to Safeguard IoT Devices and Open Source Developers — Photo: The Register

TL;DR Summary

The European Union's Parliament and Council have reached an agreement on the Cyber Resilience Act (CRA), which imposes mandatory cybersecurity requirements for hardware and software products. The CRA includes a 24-hour disclosure period for security flaws, five years of security patch support, and thorough documentation of security features. Manufacturers, importers, and distributors have 36 months to comply or face fines. Concerns have been raised about the impact on open source software, but the latest version of the CRA exempts free and open source software developed outside of commercial activity.

Topics:business #concerns #cyber-resilience-act #cybersecurity #eu #open-source-software #security-requirements

Share this article

EU lawmakers finalize cyber security rules that panicked open source devs The Register
EU backs rules to protect digital devices from cyber threats The Star Online
EU groups reach agreement on connected products law International Association of Privacy Professionals
IoT vulnerability reporting obligations set to apply in EU from 2027 The Record from Recorded Future News
Smart devices to be protected from cyber attacks after EU strikes deal Euronews
View Full Coverage on Google News

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 5 min read

Condensed

90%

865 → 89 words

Want the full story? Read the original article

Read on The Register

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights