Applus+ Laboratories Launches a New Cyber Resilience Mark


    Elevate Your Product Cybersecurity Resilience Maturity!

    In the rapidly evolving digital security landscape, adhering to compliance requirements is essential for manufacturers. The new European Cyber Resilient Act (CRA) is expected to come into force during the second half of 2024. It will impact a large number of manufacturers who will have to apply the rules 36 months after the CRA enters into force, excepting a more limited 21-month period for the reporting obligation of manufacturers for incidents and vulnerabilities.  

    Recognizing this need, Applus+ Laboratories is excited to introduce a specialized Cyber Resilience Certificate of Conformity (CoC), specifically designed to assess manufacturers' adherence to the Essential Cybersecurity Requirements from the EU Cyber Resilience Act.

    This service is aimed at vendors of non-critical products, whose products would qualify as ‘Default’ or ‘Unclassified’ under the CRA. Around 90% of the impacted products are expected to fall into this category, where vendors can opt for a self-assessment. However, compliance with CRA requirements would be a legal obligation, with potential fines for non-compliant companies

    Applus+ Laboratories is following the standardization efforts at CEN/CENELEC for both the Red Directive and CRA. Until the standards are approved, we aim to support our customers to enhance their cyber resilience posture. This is the goal of the Applus+ Cyber Resilience Mark.

    Elevate your cybersecurity maturity

    Our goal is to measure your organization’s cybersecurity posture against the CRA's Essential Requirements for ‘Default’ or ‘Unclassified’ category. To do so we’ve developed a specific methodology based on the European fixed-time evaluation methodology (FITCEM) EN 17640:2022, that provides actionable insights to later on enhance your cyber resilience and be better prepared for the upcoming regulated standards. 

    The Cyber Resilience Certificate of Conformity

    We offer a Cyber Resilience Certificate of Conformity that reflects the maturity level of your product and organization. The evaluation process focuses on the next bunch of requirements according to the evidence provided or the technical file:

    • Product Security Requirements: Ensuring products with digital elements are designed, developed, and produced to maintain an accepted level of cybersecurity, tailored to the risks identified.
    • Vulnerability Handling Requirements: Establishing a comprehensive process for identifying, documenting, and remedying vulnerabilities in products. This includes regular security updates and an effective vulnerability disclosure communication channel.


    Upon completion, you will receive a Certificate of Conformity indicating the specific CRA requirements your product complies with, empowering stakeholders with clear insights into your cybersecurity stance. Embrace this opportunity to prepare your organization for the EU Cyber Resilience Act and the European cybersecurity standards. 

    Contact us to discover how Applus+'s Cyber Resilience Mark can elevate your cybersecurity posture and offer a competitive advantage in the digital world.

    Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). You can accept all cookies by pressing the "Accept" button or configure or reject their use. Consult our Cookies Policy for more information.

    Cookie settings panel