The global and independent platform for the SAP community.

Cyber Resilience Act

The EU Commission's Cyber Resilience Act (CRA) aims to close the digital patchwork around network-connected devices and equipment, from printers to routers to industrial control systems.
E-3 Magazine
31 March 2023
avatar
This text has been automatically translated from German to English.

EU cyber resilience regulation could mean millions in fines

Industrial networks and critical infrastructures require special protection. According to the European Union, there is currently a ransomware attack every eleven seconds. To hold manufacturers, distributors and importers accountable, they face stiff penalties if security vulnerabilities in devices are discovered and not properly reported and closed. "The pressure on the industry - manufacturers, distributors and importers - is growing immensely. The EU will implement this regulation without compromise, even if there are still some steps to be taken, for example with the local state authorities," says Jan Wendenburg, CEO of Onekey. The penalties for affected manufacturers are high: up to 15 million euros or 2.5 percent of global annual sales in the past fiscal year - the larger number counts.

"This makes it unmistakably clear that manufacturers face severe penalties if they fail to implement the requirements," said Wendenburg. The European Commission's proposal provides for the requirements to apply as early as 24 months after the regulation comes into force. Individual elements, such as the obligation to report safety incidents, are to apply after just 12 months. "The time horizon is tight, considering that orders for IT products are already being placed with OEM manufacturers this year for the coming 12 to 18 months. Therefore, the time situation must be considered and resolved now, before a product ends up not being launched on the market due to defects or the market launch is delayed," explains Jan Wendenburg.

The company Onekey operates a firmware analysis platform for finding security vulnerabilities in smart and connected devices, from vacuum cleaner robots to industrial control systems worth millions. With a Cyber Resilience Readiness Assessment, they offer the possibility for manufacturers, distributors and importers to already check their products for essential requirements of the Cyber Resilience Act and furthermore to investigate security gaps and also to fill the SBOM (Software Bill of Materials) required by the EU Commission with content.

avatar
E-3 Magazine

Information and educational outreach by and for the SAP community.


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024

Venue

Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT

Venue

Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024

Tickets

Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.