The Cyber Resilience Act aims to strengthen the EU's cybersecurity by ensuring that digital products and services are secure throughout their lifecycle. It encourages proactive risk management and accountability, empowering businesses and users to build a safer digital future together. The European Commission has issued a draft standardisation request to the ESOs for the development of several deliverables to support the implementation of the CRA.
The approach under the standardisation request includes the development of horizontal standards for a generic framework and vertical standards tailored to specific product risks. The cross-border nature of cyber threats needs EU-level action to ensure a competitive single market and boost trust in products with digital elements. Standards can facilitate compliance, particularly for small and medium-sized enterprises and timely development and availability of these standards is crucial for an effective implementation.
The STAN4CR project aims to support and accelerate the standardization efforts within the EU, fostering collaboration and coherence in the rapidly evolving cyber security landscape.
We are launching an Open call for tender related to the development of some of the required vertical standards:
2 Rapporteurs to join the CEN-CLC/ JTC 13 ‘Cybersecurity and Data Protection’ WG 6 ‘Product security’ to work on the following topics:
- “European standard(s) on essential cybersecurity requirements for hypervisors and container runtime systems that support virtualised execution of operating systems and similar environments” Apply here: download the call for tender
- “European standard(s) on essential cybersecurity requirements for firewalls, intrusion detection and/or prevention systems”. Apply here: download the call for tender
APPLICATION DEADLINE: 2025-01-24
