Without sufficiently secure products, there can be no sufficiently secure processes: cyber attackers regularly take advantage of the lack of IT security of networked products to successfully compromise IT systems and computer networks. As a result, companies are confronted with security gaps in their IT that they often neither know about nor control. To address this shortcoming, the European Union has introduced regulations such as the Cyber Resilience Act (CRA) to ensure higher security standards for all products with digital elements in the future.
The new "Product Cybersecurity Standard" (PCS) supports the implementation of "security by design" in IT products, i.e. the consideration of cybersecurity from the beginning of a product's development to its discontinuation from the market. To this end, it defines basic requirements for what distinguishes data-secure and privacy-compliant digital and networked products, taking into account the current digital threat situation. The set of requirements provides concrete assistance for manufacturers of connected products in their timely preparation for the implementation standards of the Cyber Resilience Act and beyond. The requirements are based on the proven EICAR standards, which have stood for additional security in networked products for years.
The PCS enables companies and providers of networked services to create the basis for higher IT security for their products by means of an initially voluntary public commitment, which in some cases goes beyond regulatory requirements: in particular, additional hurdles are imposed for the use of data and information by third parties. In this way, the PCS meets the increased manufacturer responsibility in the field of IT security and the growing need for trust in networked products.