The Cyber Resilience Act forces a security reset for connected device makers

The EU Cyber Resilience Act introduces mandatory cybersecurity requirements for products with digital elements sold within the European Union, moving security obligations from guidance to enforceable regulation. For manufacturers of connected devices, embedded systems and industrial equipment, this represents a structural shift in how products must be designed, maintained and documented across their entire lifecycle.

The Act requires demonstrable security by design, secure default configurations, structured vulnerability handling and controlled software updates. Importantly, it also requires evidence. Companies must not only implement technical safeguards but also maintain documentation and processes that withstand regulatory scrutiny. This has implications for engineering resources, certification timelines and ongoing support costs.

Compliance is not a single event but an operational capability that must be embedded into product development and fleet management. Firms that delay implementation may face compressed delivery schedules, increased remediation costs or restricted market access. Those that prepare early can integrate compliance into standard operating processes and reduce disruption.

A central requirement of the Act is secure lifecycle management. Devices must be provisioned securely, authenticated reliably and updated safely throughout their operational life. Many legacy provisioning models rely on static credentials or manual processes that are difficult to scale and audit. Under the new framework, these approaches may expose companies to compliance gaps.

Device Authority positions its platform around automated device identity management, dynamic credential provisioning and policy enforcement. By embedding cryptographic identities into devices at scale and managing them throughout their lifecycle, manufacturers can create a structured control framework aligned with regulatory expectations. Automation reduces reliance on manual intervention and improves consistency across large device estates.

Tern plc (LON:TERN) backs exciting, high growth IoT innovators in Europe. They provide support and create a genuinely collaborative environment for talented, well-motivated teams.

Share on:

Written by: Amilia Stone

Find more news, interviews, share price & company profile here for:
Tern Plc

Latest Company News

Tern Plc reports 2025 results and outlines portfolio value strategy

June 23, 2026

Tern plc has reported audited annual results, outlined portfolio developments and convened a General Meeting for 9 July 2026.

Device Authority targets enterprise IoT security demand through Xalient partnership

June 22, 2026

Device Authority has partnered with Xalient to bring KeyScaler into managed enterprise security services, strengthening its position in scalable IoT and OT device identity management.

Talking Medicines targets a clearer view of GLP-1 and cancer care demand

June 17, 2026

Talking Medicines is showing why real-world healthcare conversations matter for investors tracking GLP-1, oncology and the next stage of life sciences market positioning.

GLP-1 cancer signals add a new investor angle

June 11, 2026

Early oncology signals from ASCO 2026 add a new investor angle to the GLP-1 story, with further research needed before clinical or commercial conclusions can be drawn.

Device Authority expands enterprise reach through IoT security partnership

June 4, 2026

Device Authority’s partnership with Xalient strengthens its enterprise IoT security positioning as regulated industries look for scalable, automated ways to manage connected device risk.