Ready for the EU Cyber Resilience Act

Get ready for the new EU Regulation with our CRA Readiness Check.
With the Cyber Resilience Act officially released, the European Union is introducing binding cybersecurity requirements for “products with digital elements”. The aim of the cybersecurity requirements for companies is to increase resilience against cyberattacks and to provide reliable digital services.
The CRA has been published in the Official Journal of the EU in November 2024 officially setting the deadlines for implementing the IT security regulations.
- 11 June 2026: Chapter IV (notification of conformity assessment bodies) comes into effect.
- 11 September 2026: Article 14 (reporting obligations for manufacturers) requires manufacturers to notify national authorities and ENISA of actively exploited vulnerabilities in their products.
- 11 December 2027: From this date, all CRA requirements will apply, meaning that no "product with digital elements" may be sold in the EU without a CE mark
Discover how you can meet the requirements of the new EU Regulation and ensure your products are secure for placement on the European market: Our Quick Readiness Check will immediately inform you whether you need to take action.
What is the Cyber Resilience Act and which rules will apply starting in 2027?
- The Cyber Resilience Act applies to any product with digital elements that is intended to be sold and distributed in the European Single Market.
- The economic actors affected have different obligations which, depending on the category, may require a more comprehensive look at the EU Regulation and involve greater efforts.
- For certain products, independent third parties must certify the CRA compliance of the product.
- In the event of non-compliance, the products may not be placed on the market, and economic actors may be subject to considerable fines.
Who and what is affected by the Cyber Resilience Act?
Cybersecurity as a requirement for CE marking
With the Cyber Resilience Act (CRA), cybersecurity has become a mandatory requirement for CE marking of products with digital elements. Manufacturers must demonstrate that their products comply with the new regulatory security standards and the company has adequate vulnerability management in place. Meeting these obligations is essential to maintain access to the EU market.
The CE marking indicates that a product complies with all applicable EU regulations and can be sold freely within the European Economic Area. It serves as a declaration by the manufacturer that the product meets essential health, safety, and environmental protection standards. The introduction of the CRA builds upon this established CE process but adds new elements specifically related to cybersecurity. Manufacturers must now ensure that their products meet not only the traditional safety and environmental standards but also the cybersecurity requirements laid out in the CRA, including vulnerability management and software update provisions
Complete our CRA Readiness Check.
Start your comprehensive preparation for the Cyber Resilience Act now and make sure your products are in compliance once the new EU Regulation comes into force.
Our CRA Readiness Check will help you understand the new requirements of the EU Regulation, meet them on time and ensure that your products conform to the highest cybersecurity standards.
Your benefits with our CRA Readiness Check:
Cyber Resilience Act (CRA) FAQs
Inquire about our CRA Readiness Check.
