Beta

Source: OJ L 2024/2847, 20.11.2024

EN

Recital 54 Assessment of cybersecurity risks

In order to ensure that products with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; are secure both at the time of their placing on the market means the first making available of a product with digital elements on the Union market; as well as during the time the product with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; is expected to be in use, it is necessary to lay down essential cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements for vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; handling and essential cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements relating to the properties of products with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately;. While manufacturers means a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; should comply with all essential cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements related to vulnerability means a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; handling throughout the support period means the period during which a manufacturer is required to ensure that vulnerabilities of a product with digital elements are handled effectively and in accordance with the essential cybersecurity requirements set out in Part II of Annex I;, they should determine which other essential cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements related to the product properties are relevant for the type of product with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; concerned. For that purpose, manufacturers means a natural or legal person who develops or manufactures products with digital elements or has products with digital elements designed, developed or manufactured, and markets them under its name or trademark, whether for payment, monetisation or free of charge; should undertake an assessment of the cybersecurity risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; associated with a product with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; to identify relevant risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; and relevant essential cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements in order to make available their products with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; without known exploitable vulnerabilities means a vulnerability that has the potential to be effectively used by an adversary under practical operational conditions; that might have an impact on the security of those products and to appropriately apply suitable harmonised standards means a harmonised standard as defined in Article 2, point (1)(c), of Regulation (EU) No 1025/2012;, common specifications or European or international standards means an international standard as defined in Article 2, point (1)(a), of Regulation (EU) No 1025/2012;.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod