FEM joined forces with Orgalim and other sectoral associations to co-sign a pivotal statement on the upcoming Cyber Resilience Act (CRA).
As we stand at the crossroads of cybersecurity and industry advancement, our message to policymakers is clear: do not rush the trilogue negotiations. The industrial sector’s concerns must be addressed with diligence, not haste.
Here are our 5 key priorities for the CRA:
- Transitional Periods: We advocate for a 48-month transitional period, with an additional 24 months for Non-Road Mobile Machinery (NRMM), to ensure a smooth and thorough adoption process.
- Product Classification: We endorse the Council’s methodology proposal, emphasising cybersecurity risks as the basis for classifying critical products.
- Exclusions: The exclusion of spare parts and free and open-source software (FOSS) development from the CRA is crucial to safeguard innovation and the sustainability of long-term investments.
- Support Periods: A support period aligned with the expected product lifetime, as proposed by the European Parliament, is essential for adaptability and resilience.
- Cybersecurity Requirements: A refined focus on essential cybersecurity requirements is necessary to meet the specific needs of the industry without stifling growth.
We are committed to a future where robust cybersecurity and industrial innovation go hand in hand. Let’s ensure the CRA supports this vision.
Read the full statement HERE.