Glossary

CRA (Cyber Resilience Act)

The CRA is the EU Cyber Resilience Act, the first horizontal EU law setting mandatory cybersecurity requirements across the lifetime of products with digital elements, including secure-by-design duties, vulnerability handling and incident reporting.

Why it matters

The CRA phases in over several years and will eventually require CE marking for cybersecurity on top of any existing safety or radio marking, so connected hardware makers need to plan for it well before its full application date rather than treating it as optional.

Read the full CRA guide

Back to the glossary