The European Commission wishes to raise the level of requirements required in terms of the security of connected objects by means of new regulations.
Strengthen the level of security of connected objects and digital products. This is the ambition of “Cyber Resilience Act”. This draft regulation, carried by the European Commission and which will be presented Thursday, September 15 to the European Parliament, intends to encourage manufacturers of connected objects to integrate security from the design of their products in order to limit the possibilities of cyberattacks.
In detail, this bill provides that manufacturers will have to monitor and correct flaws over time and guarantee the cybersecurity of products throughout their life cycle if they want to obtain certification and be sold in the European Union. , reports an article published Monday, September 12 by the site Century Digital.
Among the obligations formulated to achieve this objective: the prohibition of default passwords, the obligation to identify relevant security events, the encryption of confidential data or even sobriety in the use of data.
Connected objects, vectors of cyberattacks
This would concern televisions, fridges, cameras, connected electrical equipment, computers or autonomous software as well as components that make up intelligent systems such as chips and routers. In this context, Brussels wishes to establish a list of connected objects according to their level of risk in terms of cybersecurity. For the objects presenting the least threat, the manufacturers will have to carry out the necessary tests and checks themselves to show that their products meet the imposed requirements.
On the other hand, the European Commission will require a security audit by third parties for products considered high risk. Smartphones, operating systems, issuers of digital certificates, chips, smart meters, firewalls for industrial use as well as everything used in a critical digital infrastructure, integrate this category.
Companies that do not comply with the regulation will be subject to sanctions: a fine of up to 15 million euros or 2.5% of the worldwide turnover of the previous year until the recall or withdrawal of products from the European market. . Connected objects are vectors of cyberattacks and must, by law, be able “guarantee the confidentiality of data“, in particular by using encryption, protecting their integrity and processing only the data strictly necessary for their operation.
This is Auto Posted article collected article from different sources of internet, EOS doesn’t take any responsibilities of this article. If you found something wrong in this article, please tell us.