Joint Research Centre & ENISA Joint Analysis
The increasing number of cyberattacks affecting digital products, coupled with widespread vulnerabilities and insufficient timely security updates, creates heavy financial burdens on society. In response, the European Commission has drafted the Cyber Resilience Act (CRA), a new proposal for regulation to define the legislative framework of essential cybersecurity requirements that manufacturers must meet when placing any product with digital elements on the internal market.
To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most relevant existing cybersecurity standards for each CRA requirement, analyses the coverage already offered on the intended scope of the requirement and highlights possible gaps to be addressed.
HERNANDEZ RAMOS Jose Luis;
KAROPOULOS Georgios;
NAI FOVINO Igor;
SPIGOLON Roberto;
SPORTIELLO Luigi;
STERI Gary;
GORNIAK Slawomir;
MAGNABOSCO Philippe;
ATOUI Roland;
CRIPPA MARTINEZ Christine;
Hernandez Ramos, J.L., Karopoulos, G., Nai Fovino, I., Spigolon, R., Sportiello, L., Steri, G., Gorniak, S., Magnabosco, P., Atoui, R. and Crippa Martinez, C., Cyber Resilience Act Requirements Standards Mapping, Publications Office of the European Union, Luxembourg, 2024, doi:10.2760/905934, JRC137340.
2024-04-04
Publications Office of the European Union
JRC137340
978-92-68-14180-9 (online),
1831-9424 (online),
EUR 31892 EN,
OP KJ-NA-31-892-EN-N (online),
https://publications.jrc.ec.europa.eu/repository/handle/JRC137340,
10.2760/905934 (online),
