Skip to content

Cyber Resilience Act

The Cyber Resilience Act (CRA) (Regulation 2024/2847) lays down horizontal, Union‑wide cybersecurity requirements for products with digital elements, including, software or hardware product and its remote data processing solutions, including software or hardware components being placed on the or made available on the European Union (EU) market. It aims to ensure that such products are designed, developed, produced and maintained with cybersecurity in mind throughout their lifecycle, including through effective vulnerability handling and security updates.

The Regulation was adopted on 23rd October 2024 and entered into force on 10th December 2024. It will become fully applicable from 11th December 2027, with certain reporting obligations applying earlier from 11th September 2026.

The MDIA will be the prospective Notifying Authority responsible for notification of Conformity Assessment Bodies (CABs), which carry out conformity assessment activities under the Cyber Resilience Act (CRA).

#MDIATalent

Connect your digital talent with Malta’s thriving innovation scene through MDIATalent.

MDIATalent supports the growth of Malta’s digital innovation sector by connecting skilled individuals with relevant opportunities with MDIA.

Find out more