On June 25, 2024, the National Office for Cyber ​​and Information Security (NÚKIB) announced the initiation of preparatory steps for implementing the Cyber Resilience Act (CRA). This significant move involves the adoption of an implementing regulation, which NÚKIB expects to formalize in the autumn of 2024. The regulation is set to enter into force after a three-year transitional period, which means it will be fully effective in the second half of 2027.

The implementing regulation under the CRA is poised to place substantial obligations on the manufacturers of products with digital elements, encompassing both hardware and software. These obligations are designed to enhance cybersecurity throughout the entire lifecycle of these products. By ensuring that manufacturers adhere to these regulations, NÚKIB aims to significantly bolster the security framework of digital products, making them more resilient to cyber threats.

To facilitate a smooth transition and effective implementation of the CRA, NÚKIB announced plans to organize consultations specifically for manufacturers of products that are classified as significant and critical under the new regulation. These consultations are intended to help manufacturers understand the technical specifications required, provide feedback on the most appropriate definitions for these categories, and identify any unique product specifics that might influence compliance.

The consultation period is scheduled to run from June 25, 2024, to July 17, 2024. During this time, manufacturers will have the opportunity to engage with NÚKIB, discuss their concerns, and gain clarity on the new regulatory requirements. This collaborative approach is expected to facilitate the development of robust cybersecurity measures and ensure that manufacturers are well-prepared to meet the upcoming standards.

NÚKIB’s proactive stance on involving manufacturers in the regulatory process underscores its commitment to creating a secure digital environment. By laying the groundwork for the CRA’s implementation well in advance, NÚKIB aims to address potential challenges and foster a culture of cybersecurity that extends across the entire lifecycle of digital products. This initiative reflects a comprehensive effort to safeguard national cybersecurity infrastructure and ensure that products entering the market are resilient against emerging cyber threats.