Summary

The EU Cyber Resilience Act (CRA) provides specific support measures and simplified obligations for microenterprises and small and medium-sized enterprises (SMEs), including start-ups, to facilitate their compliance with the Regulation.

Relevant CRA Provisions

Recitals: Recital 5, Recital 17, Recital 6, Recital 93, Recital 94, Recital 96, Recital 127, Recital 128

Articles: Article 33

Detailed Explanation

The CRA aims to support microenterprises and SMEs by providing tailored measures to help them understand and comply with the Regulation. This includes awareness-raising and training activities, dedicated communication channels, and support for testing and conformity assessment. Member States may also establish cyber resilience regulatory sandboxes to allow for controlled testing of innovative products. The Commission is tasked with providing guidance and advertising financial support available under Union programmes. Additionally, microenterprises and small enterprises can use a simplified format for technical documentation, reducing administrative burdens while maintaining cybersecurity standards.

Obligations for Stakeholders

Member States:

  • Organize awareness-raising and training activities for microenterprises and SMEs.
  • Establish dedicated communication channels for advice and queries.
  • Support testing and conformity assessment activities.
  • Consider establishing cyber resilience regulatory sandboxes.
  • Ensure open, fair, and transparent access to regulatory sandboxes, especially for microenterprises and SMEs.

Commission:

  • Provide guidance for microenterprises and SMEs regarding the implementation of the Regulation.
  • Advertise available financial support under Union programmes.
  • Specify a simplified technical documentation form for microenterprises and small enterprises.

Microenterprises and Small Enterprises:

  • May use a simplified format for technical documentation as specified by the Commission.
  • Engage with available support measures and regulatory sandboxes to facilitate compliance.

“`