The European Union will make an inventory of ideas about cyber resilience in Europe over the next ten weeks. The results will be incorporated into a proposal for EU legislation, also known as the European Cyber Resilience Act (ECRA). Members of the public are encouraged to submit ideas as well.

The EU is creating common European standards for cybersecurity for products and services sold on the European market. The European Cyber Resilience Act (ECRA) establishes these agreements. It is part of a larger package of rules intended to embed digital security in Europe. Other components of this package include the two NIS guidelines (on networks and information systems) and the Cybersecurity Act that defines the tasks of ENISA, the European cyber watchdog.

The premise behind this public consultation is that everything is connected in a digital economy and society, so everything can be hacked. To date, companies that design and manufacture digital products that are sold on the European market have focused primarily on the specifications and conformity of their products, such as electrical safety. It is often an afterthought to make a product highly secure for its users. The EU wants to change this by making security a core goal for all internet-connected products.

Individuals and organizations are invited to share their vision and experience on the theme of cyber resilience with the European Commission until 25 May. Officials hope the public consultation will provide input for the European Cyber Resilience Act. Their proposal is expected to be published sometime in the second half of this year.

ECRA was announced by European Commission President Ursula von der Leyen during her State of the Union address last September.

Photo credit: Guillaume Périgois