This question was discussed by CUSEC member Michal Rampášek at the EPI conference.
🔒 Od 1. augusta 2025 the Commission's delegated regulation on the RED (Radio Equipment Directive), which introduces the first mandatory cybersecurity requirements for wireless equipment in the EU, will come into force.
💡 O two years later will follow up Cyber Resilience Act (CRA) – with even broader obligations for all products with digital elements, from end devices to components to software and chips.
For manufacturers, importers, distributors and integrators, this means a fundamental change: requirements for product security, liability for vulnerabilities and the need to demonstrate compliance throughout the entire product life cycle.
V príspevku sa venoval aj prepojeniam a rozdielom medzi RED a CRA, ich vzťah k normám EN 18031 and ISA/IEC 62443, but also practical questions such as "when is the product launched on the market" or "who is responsible for the compliance of the components."
