CYBERSECURITY IN TRANSITION

26 February 2025

NEW REGULATIONS AND THEIR IMPACT

EU Requirements for Enhanced Digital Security

On October 10, 2024, the Cyber Resilience Act (CRA) was passed by the EU, making it legally binding for the European market. Along with NIS 2 and DORA, it forms a comprehensive regulatory framework that presents significant challenges for companies. The new regulations aim to secure critical infrastructures, IT security, and supply chains. Going forward, companies must provide extensive security documentation and may only use or distribute products that comply with the new security standards.

Why are these regulations so important?

Uninterruptible Power Supply (UPS) providers are particularly affected, especially those importing network products whose origin is undisclosed or not trustworthy!

Consequences of non-compliance:

❌ Sales bans
❌ Corporate liability

NIS 2 – Security at the Network Level

The Network and Information Security Directive (NIS 2) is a comprehensive revision of the EU directive on IT security. It mandates that companies enhance their internal security processes and ensure that security requirements are met throughout the supply chain.

Key Requirements of NIS 2:

  • Risk assessment: Companies must conduct a detailed analysis of their risks.
  • Emergency response plans: Mandatory response strategies for cyberattacks must be in place.
  • Strict supply chain requirements: Companies must verify that their suppliers maintain secure IT processes.
  • Personal liability: Executives can be held accountable for security breaches.

Cyber Resilience Act (CRA) – Security for Individual Products

The CRA applies to all network-enabled devices and defines the security standards they must meet to receive the CE marking.

(This significantly enhances the value of the CE mark, bringing it closer to the level of the UL certification. However, there is still no mandatory third-party verification.)

What does this mean for your company?

  • CRA: Continuous security updates & patch management:
    Manufacturers must proactively address security vulnerabilities.
    GENEREX ensures that your devices are always supplied with the latest security updates.
  • CRA: Product security throughout the entire lifecycle:
    Security standards must be continuously monitored and adapted.
    GENEREX takes full responsibility for the security monitoring of your installed systems.
  • CRA: New documentation requirements for greater transparency:
    Companies must provide detailed records of the measures taken to ensure security.
    GENEREX provides all necessary information—fully compliant with the CVE (Common Vulnerabilities and Exposures) process.

DORA – Additional IT Security for the Financial Sector

The Digital Operational Resilience Act (DORA) applies to banks, insurance companies, and financial service providers. Its goal is to strengthen IT infrastructure to prevent cyberattacks and minimize failures.

Key Requirements of DORA:

  • DORA: Process optimization: Companies must proactively manage IT risks.
    GENEREX offers an IT security strategy that minimizes risks, strengthens system resilience, and protects financial sector clients.
  • DORA: CVE reporting obligations: Security incidents must be documented and reported.
    ✅ GENEREX handles and manages CVE reports.
  • DORA: Security certifications: Only certified IT products may be used in financial systems.
    ❌ This remains at the discretion of the banks.

Why GENEREX Products Are Already Future-Proof

Made in the EU & USA
All GENEREX products are exclusively manufactured in Europe and the United States and already meet the high security standards of NIS 2, CRA, and DORA.

No Chinese hardware
Many network technology products from China may no longer be approved under future EU regulations.

GENEREX ensures your CRA & NIS 2 compliance!
Our production in Europe and the USA guarantees maximum security and transparency.

Conclusion: What Actions Should Your Company Take?

Assess your IT infrastructure: Are all the products in your portfolio future-proof?
GENEREX provides the ideal alternatives for non-compliant devices.