#cyberresilienceact — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cyberresilienceact, aggregated by home.social.
-
https://www.europesays.com/uk/958955/ Alliance urges EU to rethink cyber rules for SIM tech #CyberResilience #CyberResilienceAct(CRA) #Cybersecurity #DataProtection #DeviceSecurity #DigitalResilience #eSIM #EU #Europe #Europe(European) #European #EuropeanCommission #EuropeanUnion(EU) #infosec #InternetOfThings(IoT) #IoTSecurity #NetworkSecurity #sim #SoftwareUpdates #SupplyChainSecurity #SupplyChain #TrustedConnectivityAlliance
-
Alliance urges EU to rethink cyber rules for SIM tech
Trusted Connectivity Alliance has urged European standards…
#Europe #EU #Cyberresilience #CyberResilienceAct(CRA) #cybersecurity #Dataprotection #Devicesecurity #DigitalResilience #eSIM #Europe(European) #EuropeanCommission #EuropeanUnion #EuropeanUnion(EU) #Infosec #InternetofThings(IoT) #IoTSecurity #Networksecurity #SIM #SoftwareUpdates #SupplyChain #SupplyChainSecurity #TrustedConnectivityAlliance
https://www.europesays.com/europe/41684/ -
Europe is our home. Digital resilience is our mission. 🇪🇺
Happy #EuropeDay to everyone working to keep the Union secure!
-
Europe is our home. Digital resilience is our mission. 🇪🇺
Happy #EuropeDay to everyone working to keep the Union secure!
-
Europe is our home. Digital resilience is our mission. 🇪🇺
Happy #EuropeDay to everyone working to keep the Union secure!
-
Europe is our home. Digital resilience is our mission. 🇪🇺
Happy #EuropeDay to everyone working to keep the Union secure!
-
Europe is our home. Digital resilience is our mission. 🇪🇺
Happy #EuropeDay to everyone working to keep the Union secure!
-
Everfield Germany to acquire Rhebo, expanding OT cybersecurity footprint across DACH industrial markets
Everfield Germany GmbH has signed a definitive agreement to acquire Rhebo GmbH. Completion of the transaction remains subject…
#Germany #DE #Europe #EU #Europa #connectedinfrastructure #cyberresilience #CyberResilienceAct #cybersecurity #Everfield #industrialenvironments #industrialoperator #networkmonitoring #NIS2 #OTsecurity #Rhebo #threatlandscape
https://www.europesays.com/germany/10242/ -
#CyberResilienceAct: #BSI ( @bsi ) wird zum digitalen TÜV für vernetzte Produkte | heise online https://www.heise.de/news/Cyber-Resilience-Act-BSI-wird-zum-digitalen-TUeV-fuer-vernetzte-Produkte-11278890.html
-
Cloud tech outages: how the EU plans to bolster its digital infrastructure.
Global digital infrastructure behind literally every modern service is far more fragile than you’d think…
The Cyber Resilience Act (CRA), in force since 2024, is the EU’s way of hard wiring “resilience by design” into the entire stack of connected hardware and software that underpins Europe’s digital infrastructure.
-
⁉️ Why does the Cyber Resilience Act still need some tweaking? It’s in the federal government’s coalition agreement 👉 “Digital policy is power politics. We want a digitally sovereign Germany. To achieve this, we will reduce digital dependencies […].“
And then this: The BSI reporting portal, where approximately 30,000 German companies and government agencies must register as part of the NIS 2 implementation, is based on cloud infrastructure from Amazon Web Services (AWS). 🙉 #CyberResilienceAct
-
Heute waren wir bei der Verbändeanhörung im BMI zum CRA-Durchführungsgesetz.
Wir fordern u.a.:
1) Unterstützung für Open-Source-Akteure bei der Umsetzung der CRA-Anforderungen!
2) Das Online-Portal für die CRA-Beschwerdestelle muss auf einer digital souveränen Open-Source-Lösung gebaut werden, keine proprietären US-Hyperscaler in kritischen Bereichen!
Bei 1) will das BSI eine Übernahme in den Gesetzentwurf prüfen, bei 2) waren sie stur.
Wir bleiben dran!
-
Und noch etwas: Wir fordern das BSI auf, für das neu einzurichtende CRA-Beschwerdeportal digital souveräne Open-Source-Lösungen zu verwenden...
...statt den gleichen Fehler wie beim NIS-2-Meldeportal zu wiederholen, das sensible Daten der kritischsten Unternehmen in Deutschland verarbeitet und auf einer Cloud-Infrastruktur von AWS aufsetzt. 😵💫
https://www.heise.de/meinung/Das-Meldeportal-in-der-AWS-Cloud-Warum-nur-BSI-11142071.html
🔎 Unsere Stellungnahme zum CRA-Durchführungsgesetz findet Ihr hier: https://osb-alliance.de/pressemitteilungen/cyber-resilience-act-und-open-source-umsetzung-entscheidet-ueber-sichere-digitale-infrastrukturen
-
📆 Bald müssen Unternehmen die Anforderungen des Cyber Resilience Act (CRA) erfüllen.
Das deutsche „CRA-Durchführungsgesetz“ legt fest, welche Wirtschaftsakteure bei der CRA-Compliance Unterstützung bekommen können.
Wir fordern: Das CRA-Durchführungsgesetz muss genau wie der CRA selbst die Besonderheiten des Open-Source-Ökosystems berücksichtigen – denn ohne Open Source läuft nichts!
🔎 Unsere Stellungnahme findet Ihr hier: https://osb-alliance.de/pressemitteilungen/cyber-resilience-act-und-open-source-umsetzung-entscheidet-ueber-sichere-digitale-infrastrukturen
-
Stay ahead! Learn how OWASP SAMM helps achieve CRA compliance by turning security requirements into measurable practices, integrating them into your SDLC, and embedding continuous, risk-based security.
Read: https://owaspsamm.org/blog/2026/02/27/cra-compliance-with-owasp-samm
-
Stay ahead! Learn how OWASP SAMM helps achieve CRA compliance by turning security requirements into measurable practices, integrating them into your SDLC, and embedding continuous, risk-based security.
Read: https://owaspsamm.org/blog/2026/02/27/cra-compliance-with-owasp-samm
-
Stay ahead! Learn how OWASP SAMM helps achieve CRA compliance by turning security requirements into measurable practices, integrating them into your SDLC, and embedding continuous, risk-based security.
Read: https://owaspsamm.org/blog/2026/02/27/cra-compliance-with-owasp-samm
-
Stay ahead! Learn how OWASP SAMM helps achieve CRA compliance by turning security requirements into measurable practices, integrating them into your SDLC, and embedding continuous, risk-based security.
Read: https://owaspsamm.org/blog/2026/02/27/cra-compliance-with-owasp-samm
-
Stay ahead! Learn how OWASP SAMM helps achieve CRA compliance by turning security requirements into measurable practices, integrating them into your SDLC, and embedding continuous, risk-based security.
Read: https://owaspsamm.org/blog/2026/02/27/cra-compliance-with-owasp-samm
-
Im Rahmen der Umsetzung des #CyberResilienceAct (CRA) wird uns erneut eine besondere Rolle zuteil. Neben der Ernennung zur marktüberwachenden Behörde übernehmen wir auf europäischer Ebene nun den Vorsitz der Administrative Cooperation Group „AdCo CRA“. 🇪🇺
Mehr dazu findet ihr in der offiziellen Pressemitteilung: 👉️ http://www.bsi.bund.de/dok/1194596
-
EU-Vorschrift für Cybersicherheit zwingt Embedded-Systems-Branche zu Änderungen | c't Magazin https://www.heise.de/news/EU-Vorgaben-fuer-Cybersicherheit-zwingt-Embedded-Systems-Branche-zu-Veraenderungen-11208242.html #CRA #CyberResilienceAct
-
Die EU predigt digitale Souveränität, aber bei der eigenen Konsultation zum #CyberResilienceAct gibt's nur Microsoft-Excel-Formulare. 🤦
Die #DocumentFoundation kritisiert das als "strukturelle Voreingenommenheit" und fordert offene Standards wie #ODF. Denn wer #LibreOffice nutzt, muss erstmal basteln.
Sollte die EU nicht mit gutem Beispiel vorangehen? 🌍⚖️
-
#Digitalization #CyberResilienceAct #EU - Request to the European Commission to adhere to its own guidances - "The European Commission has accepted our request, and starting from today – Friday March 6 – has added the Open Document Format ODS version of the spreadsheet to be used to provide the feedback. We are grateful to the people working at DG CONNECT, the Commission’s Directorate-General for Communications Networks, Content and Technology, for responding to our request within 24 hours. At this point, the rest of this message is no longer relevant, and the call for action is no longer necessary." - The Document Foundation https://blog.documentfoundation.org/blog/2026/03/05/cra-guidances/
-
Die Document Foundation wirft der EU-Kommission vor, beim #CyberResilienceAct ausgerechnet auf Microsofts xlsx-Format zu setzen - statt auf offene Standards wie ODF. #LibreOffice https://winfuture.de/news,157339.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
La Document Foundation accusa la Commissione Europea di usare esclusivamente il formato proprietario .xlsx per raccogliere feedback sul Cyber Resilience Act, ignorando i propri principi su interoperabilità e standard aperti. #LibreOffice #TDF #CyberResilienceAct #ODF #OpenSource
-
In Brussels 🇪🇺 today, Paul Sharratt is participating in the fourth meeting of the #CyberResilienceAct Expert Group, representing the #SovereignTechAgency in discussions on #CRA implementation.
Drawing on our experience in the open source ecosystem, we are contributing expertise to help ensure the CRA supports secure and sustainable digital infrastructure in Europe, particularly for maintainers of critical #opensource technologies.
-
The European Commission dropped yesterday the new guidance for the Cyber Resilience Act (CRA)! 🇪🇺
We’ve analyzed the March 2026 updates, focusing on Product with Digital Elements (PDE) interpretation and the new compliance roadmap.
Full breakdown here:
🔗 https://craevidence.com/blog/cra-commission-guidance-march-2026 -
The @EUCommission published draft guidance on the #CyberResilienceAct, including a detailed chapter on #FOSS. EC staff has worked on these and previous drafts for quite a while, and have been open for concerns/clarification from #opensource community members. If this topic interests you, be sure to have a look. I would be interested to hear your thoughts, I’ll likely write up some feedback.
Public comment open till March 31st.
-
The European Commission has published its draft guidance on the #CyberResilienceAct #CRA, including guidelines on provisions about open-source software and remote data processing solutions. 4 weeks to offer feedback!
-
Our robot runs on NixOS. Here is the problem it actually solves.
The EU Cyber Resilience Act makes reproducible builds, long-term support, and verifiable SBOMs a legal requirement.
Our CTRL-OS module runs NVIDIA Jetson on a stock Linux kernel with NixOS. We built a robot on top of it to test real-world integration.
Next: a Security Tracker for vulnerability exposure on Nix-based stacks.
We wrote up the full story on our blog:
https://cyberus-technology.de/en/articles/long-lived-certifiable-robots-on-nixos-ctrlos/ -
RE: https://mastodon.social/@fsfe/116040861903300329
The deadline for this survey on the Cyber Resilience Act #CRA is on 28 February. This is especially relevant for smaller organisations or individuals involved in #FreeSoftware #OpenSource who will be effected by the #CyberResilienceAct.
-
Mit dem Cyber Resilience Act zieht die EU die sicherheitspolitische Notbremse für digitale Produkte. Das Bundesamt für Sicherheit in der Informationstechnik erklärt, was das heißt: Security by Design, Update-Pflichten, Meldewege. Klingt selbstverständlich – war es aber nicht. Ab 2027 gilt: Wer vernetzt verkauft, haftet auch für Sicherheit.
@[email protected]
#CyberResilienceAct #Cybersicherheit #EU https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Cyber_Resilience_Act/cyber_resilience_act_node.html -
Hello #EUPolicy community! 👋 #Introduction
As the Sept 2026 #ENISA deadline nears, the industry is moving from "Policy" to "Practice." 🇪🇺
At craevidence.com, we help manufacturers, importers, and distributors automate #CyberResilienceAct compliance. Replace manual spreadsheets with:
🛠️ Practical #CRA documentation
📦 #SBOM & VEX management
🇪🇺 #CEmarking evidenceThe 24h reporting window is coming. We provide the automated bridge to ENISA notification. 🤝
-
Part of a company, foundation or other organisation that does #OpenSource?
The #EU are seeking feedback to prepare their proposal for "Security Attestations for Open Source", a potential revenue source for Open Source #foundations and Communities!
We'll share more info on the Commission's proposal soon!
Give your feedback here ⬇️
https://ec.europa.eu/eusurvey/runner/CRA-Attestation-Survey-2026-FOSDEM
[JM]
-
#CyberResilienceAct: ORC Working Group veröffentlicht erstes Whitepaper | Developer https://www.heise.de/news/Cyber-Resilience-Act-ORC-Working-Group-veroeffentlicht-erstes-Whitepaper-11177353.html #OpenSource #CRA
-
... um Sicherheitslücken und Stabilitätsprobleme früh sichtbar zu machen.
Hier unterstützt unsere Schulung „Security Testing mit Fuzzing“!
Format: 2 Tage Präsenz + Online Session
Zielgruppe: Teams und Verantwortliche aus Entwicklung, Test und Qualitätssicherung.
Ort: Fraunhofer FOKUS in Berlin
Nächste Termine 2026: 05.–06.05., 23.–24.06., 29.–30.09., 24.–25.11.
👉🏻 https://www.fokus-akademie.de/de/kurse/fuzzing-security-testing.html
#fuzzing #SoftwareTesting #cybersecurity #devsecops #QualityEngineering #CyberResilienceAct
-
My #FOSDEM2026 talk recordings are up!
I've been working for the past few months on developing a "theory of voluntary security attestations" -- building on the outlines drawn by #CyberResilienceAct's Article 25, I think there is an opportunity for many #OpenSource projects/communities to become sustainably funded as a result of this new EU cybersecurity regulation.
Talk #1: 20-minute explainer
https://fosdem.org/2026/schedule/event/PTHENV-sustaining-foss-with-attestations/Talk #2: 40-minute panel with the public sector
https://fosdem.org/2026/schedule/event/U9JFC8-sustaining-foss-a-panel-with/But there are still a lot of unknowns for me, for all of us ...
So! If you want to get involved, help figure this out, join the Matrix channel -- #oss-attestations:fosdem.org
-
📝 Digital Omnibus on AI: the European Parliament Rewrites the Commission's Rules
Comparative analysis of the IMCO-LIBE Draft Report PE782.530 against the Commission's proposal COM(2025) 836 on the Digital Omnibus on AI: fixed deadlines, AI literacy, sensitive data, sandboxes and...
🔗 https://www.nicfab.eu/en/posts/eup-draft-report-ai-omnibus/
#HighRiskAI #CyberResilienceAct #PrivacyByDesign #EURegulation #AICompliance
-
🌍 💶 Back in December, we looked at the EU’s €1.3B investment in AI, cybersecurity, and digital skills.
The message still stands: security is no longer optional.
At RELIANOID, we help organizations embrace secure-by-design solutions, aligned with NIS2, CRA, and EU regulations.
🔐 Now is the time to invest in security.
#Cybersecurity #DigitalEurope #AI #NIS2 #CyberResilienceAct #RELIANOID #SecureByDesign
-
Rechtsvorschau 2026: Das ändert sich für ITler in diesem Jahr | iX Magazin https://www.heise.de/hintergrund/Vorschau-2026-Was-aendert-sich-im-europaeischen-und-deutschen-IT-Recht-11112525.html #DSGVO #GDPR AIact #ArtificialIntelligence #KRITIS #NIS2 #DigitalSovereignty #DigitalMarketsAct #DMA #DSA #DigitalServicesAct #DigitalOmnibus #eIDAS #CRA #CyberResilienceAct #Urheberrecht #copyright #DataAct
-
I once talked about bug bounty platforms and warned the community about them.
There are deeper issues with these platforms:
Platforms are paid by vendors, so they listen to vendors. A lot of these vendors abuse the platform to silence offensive researchers and the platforms don't care.
➡️ My recommendation remains ⬅️
- contact vendors directly via email
- use your national CERT for escalations
If you're in Europe: you're in luck, from 2027 the Cyber Resilience Act (CRA) will make it mandatory to have a responsible disclosure process, so European vendors have to answer to the national CERT (or get fined).
#PenerationTesting #pentesting #responsibledisclosure #infosec #cybersecurity #CRA #CyberResilienceAct
-
I once talked about bug bounty platforms and warned the community about them.
There are deeper issues with these platforms:
Platforms are paid by vendors, so they listen to vendors. A lot of these vendors abuse the platform to silence offensive researchers and the platforms don't care.
➡️ My recommendation remains ⬅️
- contact vendors directly via email
- use your national CERT for escalations
If you're in Europe: you're in luck, from 2027 the Cyber Resilience Act (CRA) will make it mandatory to have a responsible disclosure process, so European vendors have to answer to the national CERT (or get fined).
#PenerationTesting #pentesting #responsibledisclosure #infosec #cybersecurity #CRA #CyberResilienceAct
-
I once talked about bug bounty platforms and warned the community about them.
There are deeper issues with these platforms:
Platforms are paid by vendors, so they listen to vendors. A lot of these vendors abuse the platform to silence offensive researchers and the platforms don't care.
➡️ My recommendation remains ⬅️
- contact vendors directly via email
- use your national CERT for escalations
If you're in Europe: you're in luck, from 2027 the Cyber Resilience Act (CRA) will make it mandatory to have a responsible disclosure process, so European vendors have to answer to the national CERT (or get fined).
#PenerationTesting #pentesting #responsibledisclosure #infosec #cybersecurity #CRA #CyberResilienceAct
-
I once talked about bug bounty platforms and warned the community about them.
There are deeper issues with these platforms:
Platforms are paid by vendors, so they listen to vendors. A lot of these vendors abuse the platform to silence offensive researchers and the platforms don't care.
➡️ My recommendation remains ⬅️
- contact vendors directly via email
- use your national CERT for escalations
If you're in Europe: you're in luck, from 2027 the Cyber Resilience Act (CRA) will make it mandatory to have a responsible disclosure process, so European vendors have to answer to the national CERT (or get fined).
#PenerationTesting #pentesting #responsibledisclosure #infosec #cybersecurity #CRA #CyberResilienceAct
-
I once talked about bug bounty platforms and warned the community about them.
There are deeper issues with these platforms:
Platforms are paid by vendors, so they listen to vendors. A lot of these vendors abuse the platform to silence offensive researchers and the platforms don't care.
➡️ My recommendation remains ⬅️
- contact vendors directly via email
- use your national CERT for escalations
If you're in Europe: you're in luck, from 2027 the Cyber Resilience Act (CRA) will make it mandatory to have a responsible disclosure process, so European vendors have to answer to the national CERT (or get fined).
#PenerationTesting #pentesting #responsibledisclosure #infosec #cybersecurity #CRA #CyberResilienceAct
-
Want to help shape the future of #opensource in Europe?
Join policymakers, industry leaders, researchers, and community voices at the EU #OpenSourcePolicySummit 2026 — in person or online — January 30 in Brussels, Belgium!
Linux Professional Institute (LPI) is proud to participate in the key #FOSS event in Europe!
Learn more: https://lpi.org/8pnk
@OpenForumEurope #OpenForumEurope #tech #Linux #freesoftware #tech4good #LPI #cybersecurity #AI #cloud #software #CyberResilienceAct
-
We've teamed up with @apell, @EclipseFdn, @lfeurope, @mozilla, @OpenForumEurope, and @openssf to bring you the Open Source & EU Policy #devroom at #FOSDEM #FOSDEM26!
We're bringing together developers, Commission Officials and MEPs to discuss #DigitalSovereignty, Open Source and #Democracy, upcoming #EU policies, solving the EU's problems with #OpenSource, and the #CyberResilienceAct and #Standards.
We look forward to sharing more about the agenda soon in the comng days!
[JM]
-
📣 #RechtimDFN – neue Folge des Podcast #Weggeforscht ist online!
🔎Überblick über das europäische #Cybersicherheitsrecht
In Folge 91 gibt die Forschungsstelle Recht im DFN eine Einführung in das europäische Cybersicherheitsrecht.
Die wichtigsten europäischen Rechtsakte im Bereich der Cybersicherheit:
📜 #NIS2Richtlinie
🛡️ #CyberResilienceAct
🔐 #CyberSecurityAct➡️ Jetzt reinhören: https://podcastindex.org/podcast/5439143
-
📣 #RechtimDFN – neue Folge des Podcast #Weggeforscht ist online!
🔎Überblick über das europäische #Cybersicherheitsrecht
In Folge 91 gibt die Forschungsstelle Recht im DFN eine Einführung in das europäische Cybersicherheitsrecht.
Die wichtigsten europäischen Rechtsakte im Bereich der Cybersicherheit:
📜 #NIS2Richtlinie
🛡️ #CyberResilienceAct
🔐 #CyberSecurityAct➡️ Jetzt reinhören: https://podcastindex.org/podcast/5439143
-
📣 #RechtimDFN – neue Folge des Podcast #Weggeforscht ist online!
🔎Überblick über das europäische #Cybersicherheitsrecht
In Folge 91 gibt die Forschungsstelle Recht im DFN eine Einführung in das europäische Cybersicherheitsrecht.
Die wichtigsten europäischen Rechtsakte im Bereich der Cybersicherheit:
📜 #NIS2Richtlinie
🛡️ #CyberResilienceAct
🔐 #CyberSecurityAct➡️ Jetzt reinhören: https://podcastindex.org/podcast/5439143