All news with #cyber resilience act tag

Vaillant CISO: Act Now on Security and Regulatory Change

🔐 Vaillant CISO Christoph Reiß says rising geopolitical tensions and the professionalization of cybercrime — amplified by accessible AI tools — are elevating the threat to the heating and energy sector. Vaillant relies on a holistic, multilayered security strategy that combines preventative and reactive measures and protects IT, production, and customer products. Employee-focused training, from gamification to practical compliance, is central, and Reiß highlights regulatory complexity (e.g., NIS2, DORA, Cyber Resilience Act) while urging organizations to start, don’t wait on pragmatic implementation.

Vaillant CISO: From Technology to Strategic Cyber Leadership

🔒 Raphael Reiß, CISO at Vaillant Group, warns that rising geopolitical tensions and increasingly professional cybercriminals — now aided by AI — have lowered the barrier to complex attacks. Vaillant applies a holistic, multilayered security approach that spans IT, global production and customer-facing products, combining preventive and reactive controls. Reiß emphasises people-first awareness training and pragmatic compliance with standards such as NIS2, DORA and the Cyber Resilience Act. His advice is direct: analyse your starting point and start rather than wait.

UK Committee Urges Legal Liability for Software Insecurity

⚖️ The UK’s Business and Trade Committee has recommended making software providers legally accountable for insecure products, arguing that voluntary measures like the Software Security Code of Practice are insufficient to protect economic stability. The report highlights 2025 incidents affecting Co-op, M&S and Jaguar Land Rover that produced heavy public costs and operational disruption. It urges mandatory compliance, stronger enforcement powers and compulsory incident reporting to shift financial risk back to vendors.