Earlier this week European Commission President Ursula von der Leyen announced a Cyber Resilience Act, its purpose is to set common cybersecurity standards for connected devices.
According to the Commission President the rapid spread of digital technologies “has been a great equalizer in the way power can be used today by rogue states or non-state groups” to disrupt critical infrastructures such as public administration and hospitals.
Von der Leyen stated “We cannot talk about defence, without talking about cyber,”
“If everything is connected, everything can be hacked,” she added noting that the growing number of connected devices also drastically increases vulnerability to cyberattacks.
The Commission initiative adds to an existing proposal for a Directive on Security of Network and Information Systems, commonly known as the NIS2 Directive. NIS2 expands the scope of the previous directive, by raising the cyber security requirements for digital services employed in critical sectors of the economy and society.
Besides the NIS2 directive, several proposals are also on the table including a Directive on the resilience of critical entities, the more sectorial Digital Operational Resilience Directive, and several regulations focused on product safety.