Skip to Primary Navigation

Skip to main content

The Cyber Resilience Act: EU-wide requirements for product cybersecurity

View of a photography-allowed area during the inauguration of the new LIS001 data center campus in Oeiras, another step on Lisbon's path to becoming a digital hub of global importance, on October 28, 2025 in Carnaxide, Portugal.
Photo: Horacio Villalobos#Corbis/Corbis via Getty Images

Mareike Christine Gehrmann | Taylor Wessing, Carla Nelles | Taylor Wessing

5 min read
 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

The EU CRA makes cybersecurity mandatory for all products with digital elements.

The Cyber Resilience Act (CRA) is more than just another EU regulation. It is the first European law to establish binding minimum requirements for the cybersecurity of products with digital elements.

As such, it forms a central pillar of the European cybersecurity strategy and makes an important contribution to strengthening

, , , , , , , , , , , ,