Executive Compliance Guide: Cyber Resilience Act (CRA)
Navigating EU Law
September 22, 2025
Executive Compliance Guide: Cyber Resilience Act (CRA)Navigating EU LawSeptember 22, 2025 The CRA establishes cybersecurity rules for digital products sold in the EU, covering smart devices, routers, software and industrial systems. It requires continuous security measures and imposes fines up to €15 million or 2.5 % of turnover in case of non‑compliance. These rules apply to manufacturers, importers, distributors and non‑EU companies selling to the EU market, unless sector‑specific regulations apply. The CRA entered into force on 10 December 2024, with its main obligations applying from 11 December 2027. Latest Events |