Glossary
CRA (Cyber Resilience Act)
The CRA is the EU Cyber Resilience Act, the first horizontal EU law setting mandatory cybersecurity requirements across the lifetime of products with digital elements, including secure-by-design duties, vulnerability handling and incident reporting.
Why it matters
The CRA phases in over several years and will eventually require CE marking for cybersecurity on top of any existing safety or radio marking, so connected hardware makers need to plan for it well before its full application date rather than treating it as optional.