The EU has called for new legislation that would require manufacturers to ensure internet-connected devices meet cyber standards, according to Security Week.
The EU remarked that a ransomware attack takes place every 11 seconds, and the global annual cost of cybercrime is estimated at 5.5 trillion euros in 2021. In Europe alone, cyberattacks cost between 180 and 290 billion euros each year.
The European Commission also stated that an increase of cyberattacks was witnessed during the coronavirus pandemic and that Russia’s war in Ukraine has raised concerns that European energy infrastructure could also be targeted amid a global energy crunch.
The law – which is proposed as the Cyber Resilience Act – aims to remove from the EU market all products with digital elements that are not protected adequately.
If the regulation is adopted, it would require manufacturers to take into account cybersecurity in the design and development of their devices. Businesses would remain responsible for the security of products throughout their expected lifetime, or a minimum of five years.
Market authorities will be provided the power to withdraw or recall non-compliant devices and to fine businesses that do not abide by the rules.
EU commissioner for the internal market Thierry Breton said, “When it comes to cybersecurity, Europe is only as strong as its weakest link, be it a vulnerable member state or an unsafe product along the supply chain.
“Computers, phones, household appliances, virtual assistance devices, cars, toys… each and every one of these hundreds of millions of connected products is a potential entry point for a cyberattack.”
Breton stated that most hardware and software products are currently not subject to any cybersecurity obligations.
Copyright © 2022 RegTech Analyst
Copyright © 2018 RegTech Analyst