Source: OJ L 2024/2847, 20.11.2024

Current language: EN

Article 10 Enhancing skills in a cyber resilient digital environment


Summary What does Article 10 of the CRA regulation say?

This article addresses the human capital dimension of the regulation's implementation.

Recognising that effective enforcement depends on having enough skilled people, it places an obligation on Member States to actively promote workforce development in cybersecurity.

The support of the Commission, ENISA, and the European Cybersecurity Competence Centre is available for this purpose, though ultimate responsibility in the education domain stays with Member States.

Important points:

  • Member States are required to promote strategies that develop cybersecurity skills and ensure sufficient availability of qualified professionals to support market surveillance authorities and conformity assessment bodies.
  • Member States must also foster collaboration across the private sector, economic operators, training providers, and public administrations, including through re-skilling and up-skilling of manufacturers' employees.
  • The Commission, ENISA, and the European Cybersecurity Competence Centre play a supporting role only, with Member States retaining responsibility in the education field.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

For the purposes of this Regulation and in order to respond to the needs of professionals in support of the implementation of this Regulation, Member States with, where appropriate, the support of the Commission, the European Cybersecurity Competence Centre and ENISA, while fully respecting the responsibility of the Member States in the education field, shall promote measures and strategies aiming to:

  1. develop cybersecurity skills and create organisational and technological tools to ensure sufficient availability of skilled professionals in order to support the activities of the market surveillance authorities and conformity assessment bodies;

  2. increase collaboration between the private sector, economic operators, including via re-skilling or up-skilling for manufacturers’ employees, consumers, training providers as well as public administrations, thereby expanding the options for young people to access jobs in the cybersecurity sector.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod