Cyber Resilience Act

The EU’s Cyber Resilience Act (CRA) is a regulation that aims to improve the cybersecurity of digital products. The act sets mandatory cybersecurity requirements for hardware and software products with digital elements throughout their life cycle.

The act is part of broader developments in legislation related to cybersecurity, such as the NIS2 Directive (entering into force on 17.10.2024) and the Radio Equipment Directive (RED) (entering into force on 1.8.2025). The difference with the above-mentioned directives is that the new Cyber Resilience Act will not be implemented nationally but will be in force in the member states as such. The requirements of the Cyber Resilience Act are therefore not applicable and are the same for all manufacturers operating in the EU.

How can Huld help you to reach CRA requirements?

Huld’s cybersecurity team has a broad understanding of CRA requirements. With our help, you can ensure that all the requirements are taken into consideration properly. Our offering includes, for example:

• Compliancy Assessments
• Secure Software & Product Development (SDL) consultancy
• Threat Modelling & Risk management services
• Security trainings
• Security Verification and Validation and SVV testing
  • Penetration Testing for applications and devices
  • Vulnerability testing (e.g. Black Duck tools)
  • Test automation
• IEC 62443 support