Cyber Cert Labs attend 2 Day EU Cyber Acts Conference Brussels

Our CTO and CEO attended the EU Cyber Acts conference on 12th and 13th March in Brussels. The conference was well attended by delegates across Europe. There were presentations by experts in many fields and panel sessions with key EU stakeholders. There was a lot of interesting insights for manufacturers, importers and distributors of products with digital elements and interested parties like ourselves. The EU Parliament have now approved the act and final sign off from the council will happen post the EU elections. It is expected to be signed off by September / October 2024.

Our main takeaways:

1. Lots of questions still to be answered
2. The cyber resilience act will affect companies large and small and nearly all sectors as it is a horizontal act.
3. Work is on going on harmonised standards and this may take considerable time
4. Composite approach may initially pose problems however further along it will become the norm that you can reply on components being compliant and producers being able to provide that assurance
5. EUCC will be a major part of the conformity assessment
6. SBOMs will become more widespread as in the US and help with vulnerability management throughout the supply chain
7. Resistance from large market players is normal however most of the requirements in the act are standards they should already employ
8. SMEs and Micro SMEs will struggle with compliance and assistance to these enterprises in a cost effective manner will be key to their journey

Introduction