European Union’s proposed cyber rule sets ‘lifecycle’ requirements for hardware and software products

The European Commission has issued its proposed Cyber Resilience Act requiring makers of digital products to build in and update cybersecurity protections, under an initiative designed to “rebalance [security] responsibility towards manufacturers.”

“A first ever EU-wide legislation of its kind, it introduces mandatory cybersecurity requirements for products with digital elements, throughout their whole lifecycle,” the European Commission said in a Sept. 15 release. The commission is the executive and administrative body for the EU; it proposes legislation and implements...