As cybersecurity risks continue to mount, European regulators are looking to tame this digital frontier, with far-reaching implications for any companies with a business footprint in the EU. This is primarily though two new pieces of legislation due to be enacted in 2024 –
the EU Cyber Resilience Act (CRA) and the Network and Information Security 2 (NIS2) Directive.
To address these challenges and comply with regulatory requirements, organizations are turning to innovative solutions to enhance visibility and trust in their systems and supply chain.
These solutions included software bill of materials (SBOM), hardware bill of materials (HBOM) and root of trust (RoT) technology, such as the open-source OpenTitan silicon RoT, which has recently achieved commercial availability.
The Cyber Resilience Act
The CRA is proposed legislation, now at an advanced stage of preparation, which will introduce mandatory cybersecurity requirements for hardware and software products throughout their lifecycle.
The theory behind the CRA is that it will reduce the number of products with cybersecurity vulnerabilities that are on the European market, improve transparency about security…
