The EU has made it strict for all smart devices connected to internet — including laptops, fridges, smartwatches — to assess the cybersecurity risks. In case of any errors, the companies are also compelled to fix them under the new Cyber Resilience Act. EU digital chief Margrethe Vestager, in a statement released earlier today, said, “It (the Act) will put the responsibility where it belongs, with those that place the products on the market.
The act was initially announced by European Commission President Ursula von der Leyen in September 2021. The step has been taken in direction to make digital products more secure for consumers across the EU. Failing to comply with the laws can invite a fine of up to EUR 15 million or up to 2.5 percent of the total global turnover for the companies.
Vestager also encouraged companies to comply to these rules of assessing cybersecurity risks as it could save them as much as 290 billion euros annually in cyber incidents.
Under the new law, manufacturers will have to assess the cybersecurity risks on their products. In case of any faults, the companies need to take appropriate procedures to fix problems. Moreover, they are also bound to inform EU cybersecurity agency ENISA of cyber incidents within 24 hours as and when they get aware about it.
The draft rules, before becoming a law, will need to be agreed with EU countries and EU lawmakers.