Radio Equipment Directive – Cybersecurity Requirements

Cybersecurity is a critical aspect of the Radio Equipment Directive (RED), and as such, there are specific cybersecurity requirements that must be met by manufacturers of radio equipment. Article 3 (3) of the Radio Equipment Directive specifies cybersecurity requirements for radio equipment sold within the EU. The three essential requirements are:

  • 3(3)(d), to ensure network protection;
  • 3(3)(e), to ensure safeguards for the protection of personal data and privacy;
  • 3(3)(f), to ensure protection from fraud.

The importance of cybersecurity requirements for the Radio Equipment Directive (RED) cannot be overstated, as they play a crucial role in ensuring the safety, security, and privacy of users of radio equipment within the European Union (EU). Here are some of the reasons why cybersecurity requirements are essential for the RED:

  1. Protection against cyber threats: Radio equipment is vulnerable to cyber threats, such as hacking, malware, and other cyberattacks. Having cybersecurity requirements for the RED help to ensure that radio equipment is designed and manufactured in such a way that it can resist cyber threats, and protect the confidentiality, integrity, and availability of data transmitted and received by the equipment.
  2. Compliance with regulations: Compliance with cybersecurity requirements is mandatory for manufacturers of radio equipment before placing their products on the market or putting them into service. Failure to comply with these requirements can result in severe penalties and damage to a company's reputation.
  3. Ensuring interoperability: Cybersecurity requirements for the RED help to ensure that radio equipment is designed and manufactured in such a way that it is interoperable with other devices and systems. This ensures that radio equipment can work seamlessly with other devices and systems, without compromising the security and privacy of users.
  4. Protecting personal data: Radio equipment may transmit and receive personal data, and as such, it is essential to ensure that this data is protected against unauthorized access and theft.

New Cybersecurity Requirements of the Radio Equipment Directive (RED)
Download our Webinar

The new requirements took affect in February 2022, but do not become mandatory until August 1, 2025. Although there are some exceptions for otherwise regulated categories of devices, the delegated act applies to most direct and indirect Internet-connected radio equipment, childcare products, toys, and personnel wearable data collection equipment.

Although harmonized standards for the cybersecurity requirements do not yet exist, many of our customers are engaging early with Intertek in preparation for these mandatory requirements. Our customers are leveraging our Cyber Assured services for 3rd party certification to existing state of the art Standards.

Intertek offers the complete range of evaluation, certification and assurance services to launch successful connected products. Contact us to learn more.

 

Need help or have a question?

+1 800 967 5352
UK/EIRE:
+44 116 296 1620
S. AMER:
+55 11 2842 0444
APAC:
+86 400 886 9926
Benelux:
+31 88 126 8888
Germany
+49 711 27311 152
UAE
+971 4 317 8777
India
+91 11 4159 5408
 
 
 
 
 
 
34359841245
171
6951/7521/7531/34359740931/34359742764/
38
34359822721
34359795541,34359831607,34359753127
34359841348,34359753129,34359758692,34359768069,34359769474