EU Adopts Cyber Resilience Act to Regulate Internet of Things

October 22, 2024 at 08:04AM The Council of the European Union has adopted the Cyber Resilience Act, ensuring connected devices meet new cybersecurity standards before market release. This law enhances existing regulations and provides consumers with clearer options for secure products, featuring a “CE” label for compliance. The act will take effect in 2027. **Meeting … Read more

New Case Study: Unmanaged GTM Tags Become a Security Nightmare

June 19, 2024 at 07:46AM Google Tag Manager (GTM) may not guarantee complete safety for tracking tags and pixels, potentially leading to misconfigurations and data breaches. A case study of a global ticketing company highlights the risks of mismanagement in GTM, with implications for GDPR and data privacy regulations. Reflectiz offers a solution for continuous … Read more

US and EU infosec authorities pen intel-sharing pact

December 7, 2023 at 01:31PM CISA and ENISA, US and EU cybersecurity agencies, will enhance collaboration by sharing threat intelligence, best practices, and legislative approaches to improve cyber defenses. This agreement includes cybersecurity training and awareness programs. Additionally, the EU progresses with the Cyber Solidarity Act, aiming for stronger cyberattack response coordination across member states. … Read more

EU lawmakers finalize cyber security rules that panicked open source devs

December 4, 2023 at 01:08AM The EU’s Cyber Resilience Act (CRA), which imposes cyber security requirements on hardware and software products, is poised for final approval. Open source software is exempt under new rules. Manufacturers have three years to comply or face fines. Meanwhile, critical vulnerabilities in various software were patched and a US federal … Read more

Security Pros Warn that EU’s Vulnerability Disclosure Rule is Risky

October 13, 2023 at 03:48PM The European Union (EU) is considering a rule that would require software publishers to disclose unpatched vulnerabilities to government agencies within 24 hours of exploitation. However, many IT security professionals are concerned about the potential abuse of this rule. They argue that the 24-hour window is too short and could … Read more

Can open source be saved from the EU’s Cyber Resilience Act?

October 13, 2023 at 10:49AM The European Union’s Cyber Resilience Act (CRA) is causing concern among the open source community. The Act, aimed at addressing cybersecurity issues, imposes strict regulations on software publishers, potentially hindering open source development. The open source community is advocating for more flexibility in the regulations and better understanding of how … Read more