Radio Equipment Directive – Cybersecurity Requirements

Article 3 (3) of the Radio Equipment Directive (RED) specifies cybersecurity requirements for radio equipment sold within the EU. The three essential requirements are:
- 3(3)(d), to ensure network protection;
- 3(3)(e), to ensure safeguards for the protection of personal data and privacy;
- 3(3)(f), to ensure protection from fraud.
The new requirements took affect from February 1, 2022, but do not become mandatory until August 1, 2024; giving manufacturers a 30-month transition period. Although there are some exceptions for otherwise regulated categories of devices, the delegated act applies to most direct and indirect Internet-connected radio equipment, childcare products, toys, and personnel wearable data collection equipment.
Although harmonized standards for the cybersecurity requirements do not yet exist, many of our customers are engaging early with Intertek in preparation for these mandatory requirements. Our customers are leveraging our Cyber Assured services for 3rd party certification to existing state of the art Standards.
Intertek offers the complete range of evaluation, certification and assurance services to launch successful connected products. Contact us to learn more.
Need help or have a question?
Radio Equipment Directive (RED) update with Cybersecurity Requirements
Knowledge Center
- Cybersecurity Awareness Training Fact Sheet
- Common Criteria Certification Process Fact Sheet
- FIPS 140-3 Process and Service Offerings Fact Sheet
- 5G Technology Assurance Solution Fact Sheet
- Cyber Security Risk in a Mass Remote Working Environment Webinar
- Intertek Cyber Assured Fact Sheet
- Consumer Product Focused Cyber Security Test and Certification Program
- PCI PIN Transaction Security (PTS) Cyber Security Fact Sheet
- Cyber Security Assurance Overview
- ANSI/UL 2900 Cyber Security Assessments Fact Sheet
- Software Assurance Overview
- Network Certification Guides
- Guide to PTCRB Certification
- Guide to Verizon ODI Process