The European Commission launched a public consultation in March to gather views from a wide range of stakeholders to help shaping the Cyber Resilience Act, a regulation on horizontal cybersecurity requirements for digital products and ancillary services. As a response to this public consultation on the Cyber Resilience Act, ESBG submitted its position to the European Commission on 18 May. The ESBG position focuses on the following aspects: I) Cybersecurity of digital products and the users of digital products; II) Improving the cybersecurity of digital products; and III) Stakeholder impact of potential regulatory measures.
Digital products and ancillary services create opportunities for EU economies and societies but they also lead to new challenges because when everything is connected a cybersecurity incident can affect an entire system, and thus disrupt economic and social activities. The initiative for a Cyber Resilience Act aims to address market needs and protect consumers from insecure products by introducing common cybersecurity rules for manufacturers and vendors of tangible and intangible digital products and ancillary services.
On the whole, ESBG welcomes the European Commission’s Cyber Resilience Act as the level of risk of cybersecurity incidents affecting digital products has increased during the last five years. The overall level of cybersecurity of digital products marketed in the European Union could be improved. Subjecting certain products marketed in the Union to cybersecurity requirements would be effective (e.g. hardware or software products subject to higher cybersecurity risks).
Moreover, ESBG members believe that leaving it to hardware manufacturers and software developers to demonstrate compliance with security requirements is insufficient. It would be more valuable to have the opinion of a third party based on a control framework.
All feedback received will be taken into account as the Commission further develops and fine-tunes this initiative, that is tentatively scheduled for the third quarter of 2022. Input will help the Commission analyse cybersecurity-related problems associated with the digital products markets, explore possible ways forward and assess the impact of different types of interventions.
related
February 3, 2023
Advocating on the EU deforestation regulation
What lessons can be learnt from a French diplomat from the XIX century?
January 11, 2023
ESBG responds to the ESAs call for evidence on greenwashing
Therefore, in the interest of customers, banks, saving banks and issuers of financial products, ESBG
October 5, 2022
Joint letter to Commissioner McGuinness on the EFRAG consultation regarding its first set of draft ESRSs
On 27 September, the ESBG, together with the European Banking Federation (EBF), the European Association of Co-operative Banks (EACB), Insurance Europe, Accountancy Europe, Business Europe and…
September 9, 2022
ESBG response to the EFRAG consultation on its first set of draft ESRSs calls to ensure levelled global playing field
In its response to the European Financial Reporting Advisory Group (EFRAG) public consultation on the first set of Draft EU Sustainability Reporting Standards (ESRSs), the European Savings and Retail…
September 7, 2022
EU Taxonomy minimum safeguards: Criteria for the application of external checks should be further defined
The European Savings and Retail Banking Group submitted its final response to the Platform for Sustainable Finance (PSF) consultation on its draft report on minimum safeguards (MS). In its response,…
August 3, 2022
International Sustainability Standards Board consultation on Sustainability Disclosures
The International Sustainability Standards Board (ISSB) has been established at COP26 with the purpose of developing a comprehensive global baseline of sustainability disclosures for the capital…
May 27, 2022
ESBG calls for more feasible rules on the new corporate sustainability due diligence
In its response to the European Commission call for feedback on the proposal for a Directive on Corporate Sustainability Due Diligence, the European Savings and Retail Banking Group (ESBG) suggests…
April 28, 2022
ESBG response to ESMA’s consultation on guidelines of MiFID II suitability requirements
ESBG's response to the European Securities and Market Authority (ESMA) consultation on some MiFID II sustainability aspects. European banks calls for clear procedures and to avoid unnecessary…
March 3, 2022
Strengthening the quality of corporate reporting and its enforcement in the EU
The consultation aims to evaluate the impact of the EU framework on the three pillars of high quality and reliable corporate reporting: corporate governance, statutory audit and supervision. This…
February 25, 2022
European Commission Banking Package proposal
ESBG responded to the European Commission “have your say" consultation on the Banking Package proposal.