broken image
broken image
GET IN TOUCH
  • HOME
  • SERVICES 
    • Educate and Alert
    • Secure By Design
    • Test and Certify
    • Automate
    • By Industry
  • STANDARDS & REGULATIONS 
    • ETSI EN 303 645
    • FDO IoT
    • IEC 62443
    • CC | EUCC
    • IoXt Alliance
    • FIDO
    • FIPS 140-3
    • EU Cloud Service
    • ISO 21434 & R155
    • EN 17640 | FITCEM | CSPN
    • CRA
    • RED-DA
    • MDR
    • SESIP
    • GSMA IoT
  • ABOUT US 
    • Who we are
    • EU Projects
    • They trust us
    • Careers
    • Knowledge
    • Contact
  • Blog & News 
    • Compliance & Regulations
    • Tech & Security
    • Industry Use Cases
    • Insights & Trends
    • Company News & PR
    • EU & Research Projects
  • …  
    • HOME
    • SERVICES 
      • Educate and Alert
      • Secure By Design
      • Test and Certify
      • Automate
      • By Industry
    • STANDARDS & REGULATIONS 
      • ETSI EN 303 645
      • FDO IoT
      • IEC 62443
      • CC | EUCC
      • IoXt Alliance
      • FIDO
      • FIPS 140-3
      • EU Cloud Service
      • ISO 21434 & R155
      • EN 17640 | FITCEM | CSPN
      • CRA
      • RED-DA
      • MDR
      • SESIP
      • GSMA IoT
    • ABOUT US 
      • Who we are
      • EU Projects
      • They trust us
      • Careers
      • Knowledge
      • Contact
    • Blog & News 
      • Compliance & Regulations
      • Tech & Security
      • Industry Use Cases
      • Insights & Trends
      • Company News & PR
      • EU & Research Projects
broken image
broken image
  • HOME
  • SERVICES 
    • Educate and Alert
    • Secure By Design
    • Test and Certify
    • Automate
    • By Industry
  • STANDARDS & REGULATIONS 
    • ETSI EN 303 645
    • FDO IoT
    • IEC 62443
    • CC | EUCC
    • IoXt Alliance
    • FIDO
    • FIPS 140-3
    • EU Cloud Service
    • ISO 21434 & R155
    • EN 17640 | FITCEM | CSPN
    • CRA
    • RED-DA
    • MDR
    • SESIP
    • GSMA IoT
  • ABOUT US 
    • Who we are
    • EU Projects
    • They trust us
    • Careers
    • Knowledge
    • Contact
  • Blog & News 
    • Compliance & Regulations
    • Tech & Security
    • Industry Use Cases
    • Insights & Trends
    • Company News & PR
    • EU & Research Projects
  • …  
    • HOME
    • SERVICES 
      • Educate and Alert
      • Secure By Design
      • Test and Certify
      • Automate
      • By Industry
    • STANDARDS & REGULATIONS 
      • ETSI EN 303 645
      • FDO IoT
      • IEC 62443
      • CC | EUCC
      • IoXt Alliance
      • FIDO
      • FIPS 140-3
      • EU Cloud Service
      • ISO 21434 & R155
      • EN 17640 | FITCEM | CSPN
      • CRA
      • RED-DA
      • MDR
      • SESIP
      • GSMA IoT
    • ABOUT US 
      • Who we are
      • EU Projects
      • They trust us
      • Careers
      • Knowledge
      • Contact
    • Blog & News 
      • Compliance & Regulations
      • Tech & Security
      • Industry Use Cases
      • Insights & Trends
      • Company News & PR
      • EU & Research Projects
GET IN TOUCH
broken image

Top 10 Things You Should Know About the RED Delegated Act & Harmonized Security Requirements

· Compliance and Regulations

The digital age has transformed our world, bringing us smart homes, IoT devices, wearable tech, and more. These conveniences, powered by radio equipment, connect us in unprecedented ways, but they also present new challenges in cybersecurity.

In response, the European Union has been working diligently to ensure the security and safety of these devices, as evidenced by the recent RED Delegated Act and its related first drafts of the future Harmonized Standards. The diligent efforts of the CEN CENELEC JTC 13/WG 8 experts have resulted in a first set of standards, poised to elevate the cybersecurity posture of radio equipments in the European market.

By defining the common security requirements for equipment, manufacturers now have a lucid framework to assess and manage risks. With cybersecurity becoming more paramount than ever, such initiatives are a step in the right direction for a safer digital future.

Here are the top10 things you should know at this stage:

1. Publication and Implementation

The RED Delegated Regulation (2022/30) was published on 12 January 2022. It activates requirements that ensure network functionality, user data privacy, and fraud protection. The application of this regulation will fully commence by 1 August 2025.

2. Affected Equipment

This regulation impacts a broad range of equipment - from internet-connected radio devices, wearable tech, toys, and even equipment facilitating the transfer of money or virtual currency. Interestingly, childcare equipment also falls under its purview.

3. Exemptions Exist

Not all radio equipment is under the ambit of every article in this regulation. For instance, medical devices have certain exemptions, ensuring that the regulatory environment remains adaptive and precise.

4. Core Requirements

The foundation of this regulation is to bolster security and protection. Equipment should, thus, have features like network traffic monitoring and control, ongoing cyber-attack mitigation, robust authentication measures, and user data protection. Plus, both hardware and software should be regularly updated for enhanced security.

5. A Closer Look at the future Standards

Three first drafts of harmonized standards have been introduced, addressing specific requirements:

  • prEN 18031-1: Focuses on internet-connected radio equipment, addressing security and network risks.
  • prEN 18031-2: Encompasses various radio equipment, including toys and wearables, and addresses security and privacy risks.
  • prEN 18031-3: Hones in on internet-connected radio equipment that manages virtual currency, focusing on security and financial risks.

6. Methodology in Focus

These standards employ a unique methodology ensuring relevance. They have mechanisms addressing applicability, sufficiency, and even decision trees for enhanced clarity. Furthermore, aspects like network protocols, support for legacy equipment, and public interfaces have been addressed in these standards.

7. Comprehensive Assessment Process

The assessment involves a three-fold process. There's a conceptual assessment, ensuring that the documentation is appropriate, a functional completeness assessment that checks for exhaustive documentation, and a functional sufficiency assessment that tests the implementation against potential threats.

8. Security-First Approach

With an ever-evolving landscape of cybersecurity threats, these standards are rooted in a security-by-design and defense-in-depth philosophy. The standards are designed with foresight, anticipating shifts in the digital landscape.

9. Terminology Matters

In the context of these regulations, the term "equipment" is emphasized over "product", aligning more closely with the legal nomenclature under the RED.

10. Feedback is Encouraged

As these first drafts of standards cover a wide array of equipment, feedback is actively sought at this stage until we reach full harmonisation. Those looking to contribute insights can do so via national mirror committees of CEN-CENELEC JTC 13 during the ENQuiry phase. Entities like Red Alert Labs can further guide and support your feedback processes.

 

Finally, the world of radio equipment and IoT is vibrant, innovative, and filled with potential. But like any realm of innovation, it comes with risks. The EU's commitment to addressing these risks head-on, while still nurturing a space for creativity and growth, is laudable. As we continue to integrate technology more deeply into our daily lives, such standards will serve as guiding stars, ensuring a safer and more secure digital landscape for all.

Get in touch with specialized experts to get the adequate training, consulting or evaluation to prove compliance with the RED Directive Delegated Act with most appropriate strategy.

Stay tuned to our blog for more updates on the evolving world of digital security standards and regulations.

Subscribe
Previous
Staying Ahead of the Curve: How to Adapt to the Latest...
Next
Top 10 Insights on NIS2: Navigating EU Cybersecurity...
 Return to site
Profile picture
Cancel
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save