Photo of a person speaking at Conerence On November 30, European Parliament and the European Council agreed to the final of text of The European Cyber Resilience Act. This bill sets up the legal frameworks for hardware and software products marketing in the EU. Parliament and the Council must now formally adopt the final text. Once approved, affected entities will have 36 months to adopt the requirements of the CRA.

What Does This Mean for Cybersecurity Professionals?

The exact text of the final agreement has not yet been made available but is expected to be released publicly in early 2024.

If adopted, the new rules would likely go into effect three years after the law enters into force. This gives affected entities time to adapt their policies and procedures and fit the new requirements.

What ISC2 Members Need to Know

Providing security professionals with the tools they need to understand how to analyze risk and understand compliance to increase cyber resilience is critical for the success of the entire cyber ecosystem. ISC2 offers several Risk Management Practitioner Certificates to help cyber professionals stay ahead of the curve through professional development or explore pathways to the ISC2 CGRC Certification.

Advanced cyber practitioners already familiar with sector frameworks may consider taking their knowledge to the next level by getting certified in Governance, Risk and Compliance (CGRC) . In training for this certification, there will be a comprehensive review of information systems security concepts and industry best practices, covering the seven domains of the CGRC Common Body of Knowledge (CBK).

Read more on how E.U.’s Computer Resilience Act Rewrite Clarifies Vulnerability Reporting, Product Classes  on ISC2 Insights.

ISC2 Skill Builders for Security Operations - These courses are free for ISC2 members. There is a nominal fee for non-members.

ISC2 Think Tank Webinars provide helpful insights into the latest cybersecurity trends, thought leadership and best practices. There are a variety of webinars available free of charge on the ISC2 website on topics like emerging technologies and strategies for CISOs in a transforming job market.