The regulation passed on the 10th of October 2024 seeks to strengthen cyber resilience across industries and member states, increasing consumer and provider safety. It is expected to positively impact the cultural sector but will take some time before its full outcomes are seen due to EU legal frameworks and time-frames.
By Creatives Unite NewsroomThe Cyber Resilience Act, aimed at strengthening cybersecurity requirements for digital products was adopted as new law today by the EU council. The law addresses products such as smart home devices, including cameras, refrigerators, TVs, and toys, before they enter the market.
The regulation seeks to make products more secure, ensuring that those with digital elements, like Internet of Things (IoT) devices, are secure throughout their lifecycle and supply chain. The regulation applies to all devices connected to another device or network, either directly or indirectly. Certain specialist and industry specific products such as medical devices, aeronautical equipment, and automobiles, are exempt as they already fall under existing EU cybersecurity rules. The law establishes EU-wide cybersecurity standards for the development of hardware and software, to eliminate the concerns and consequences of overlapping requirements across member states.
This report suggests that the regulation will have a positive impact on consumers in the tourism sector, greening initiatives and entrepreneurship. Cybersecurity is an important factor for the cultural sector, as creative and cultural institutions, like other industries, are vulnerable to cyber security threats. In 2022, a cyberattack on The Metropolitan Opera in New York impacted its website, box office, and call center. In 2023, British libaray data was held to ransom, and another incident the same year saw museums and galleries attacked via a third party network.
The law has not yet been implemented. In line with EU processes, Following yesterday’s adoption, ‘the legislative act will be signed by the presidents of the Council and of the European Parliament and published in the EU’s official journal in the coming weeks. The new regulation will enter into force twenty days after this publication and will apply 36 months after its entry into force with some provisions to apply at an earlier stage.’ according to the EU council website. Therefore it will be some time before we see the outcomes of the new regulations on the cultural sector.
Photo Credits: CC 2.0
