Radio Equipment Directive – Cybersecurity Requirements
Article 3 (3) of the Radio Equipment Directive (RED) specifies cybersecurity requirements for radio equipment sold within the EU. The three essential requirements are:
- 3(3)(d), to ensure network protection;
- 3(3)(e), to ensure safeguards for the protection of personal data and privacy;
- 3(3)(f), to ensure protection from fraud.
The requirements took affect February 1, 2022, but do not become mandatory until August 1, 2024; giving manufacturers a 30-month transition period. Although there are some exceptions for otherwise regulated categories of devices, the delegated act applies to most Internet-connected radio equipment, childcare products, toys, and wearable equipment.
Although harmonized standards for the cybersecurity requirements do not yet exist, many of our customers are engaging early with Intertek in preparation for these mandatory requirements. Our customers are leveraging Cyber Assured for 3rd party certification of consumer IoT products, ETSI EN 303 645 assessments, and IEC 62443 certification for industrial products.
Intertek offers the complete range of testing, certification and assurance services to launch successful connected products. Contact us to learn more.