The European Union’s Cyber Resilience Act (CRA) now mandates security requirements for hardware and software throughout their entire lifecycles, applying to all connected products with digital elements. ETSI is leading the development of uniform harmonized standards for high-risk product families like password managers, smart home assistants, and wearables to facilitate consistent compliance across the supply chain. These standards provide a presumption of conformity that simplifies market entry for SMEs, lowers legal costs, and enhances consumer trust through stronger built-in security and privacy protections. By promoting a secure-by-design approach, the CRA aims to strengthen the global competitiveness of EU digital products while ensuring a more resilient cybersecurity landscape.
Keywords: Cyber Resilience Act, harmonized standards, secure-by-design, supply chain compliance, personal data protection