Debian and new EU cybersecurity-related regulation

Speakers: Santiago Ruano Rincón & Ilu

Track: Security

Type: Long talk (45 minutes)

Room: Somin

Time: Aug 01 (Thu): 15:30

Duration: 0:40

The EU is adopting new regulations that aim at increasing the security of products sold in the EU single market. Those regulations are the Cyber Resilience Act (CRA) and updates to the Product Liability Directive (PLD). They impose new requirements for anyone placing Debian-based products in the market in the course of a commercial activity.

We think the best course of action is that impacted companies help Debian to be prepared to make it easier for the same companies –and any Debian downstream– to comply with the CRA requirements. This talk will present part of those requirements, and what would be needed in the Debian side to fulfil them.