Fast and reliable reporting and recovery of cybersecurity incidents
As hardware and software products are increasingly being targeted by cyberattacks, the European Commission published a proposal for a Cyber Resilience Act in September 2022.
It aims to strengthen the overall cybersecurity of IoT and digitally connected products in the EU. Under the CRA, the manufacturers of these products would have to prove that they have complied with EU-harmonized cybersecurity standards during development and production. This will be documented in a so-called software bill of materials (SBOM). They must also document any vulnerabilities they become aware of and fix them within a reasonable period of time.
To report cybersecurity incidents and to take appropriate action, organizations can use a Critical Event Management (CEM) system. In addition to warning of natural disasters and hazards, it can also be used for internal incidents that affect an organization's products, supply chain, or data.
Thanks to predefined templates and events, it is possible to directly execute processes to resolve the issue. In the context of the Cyber Resilience Act, this could be informing employees, customers, and stakeholders about any incident, as this is mandatory. You can also report on the actions taken.
Learn more about Utimaco's Critical Event Management software to meet the incident reporting and handling requirements of the Cyber Resilience Act.