FEM co-signs Orgalim statement on Cyber Resilience Act

FEM co-signs Orgalim statement on Cyber Resilience Act

FEM joined forces with Orgalim and other sectoral associations to co-sign a pivotal statement on the upcoming Cyber Resilience Act (CRA).

As we stand at the crossroads of cybersecurity and industry advancement, our message to policymakers is clear: do not rush the trilogue negotiations. The industrial sector’s concerns must be addressed with diligence, not haste.

Here are our 5 key priorities for the CRA:

  1. Transitional Periods: We advocate for a 48-month transitional period, with an additional 24 months for Non-Road Mobile Machinery (NRMM), to ensure a smooth and thorough adoption process.
  2. Product Classification: We endorse the Council’s methodology proposal, emphasising cybersecurity risks as the basis for classifying critical products.
  3. Exclusions: The exclusion of spare parts and free and open-source software (FOSS) development from the CRA is crucial to safeguard innovation and the sustainability of long-term investments.
  4. Support Periods: A support period aligned with the expected product lifetime, as proposed by the European Parliament, is essential for adaptability and resilience.
  5. Cybersecurity Requirements: A refined focus on essential cybersecurity requirements is necessary to meet the specific needs of the industry without stifling growth.
    We are committed to a future where robust cybersecurity and industrial innovation go hand in hand. Let’s ensure the CRA supports this vision.

Read the full statement HERE.