Cyber Resilience Act – Maritime Industry Implications and Critical Reflections

Webinar The EU Cyber Resilience Act (CRA) was enacted on 10 December 2024. “Certain reporting requirements will start becoming applicable from 11 September 2026, with all requirements rolled out by 11 December 2027.

While intended to enhance cybersecurity across digital products, the Act introduces broad requirements that are not always compatible with the operational realities of the maritime industry.

For the maritime sector, where equipment lifecycles are long, certification schemes are established, and safety-critical functions are tightly regulated, the CRA introduces overlapping and, in some cases, conflicting requirements. These challenges are particularly evident for equipment manufacturers, system integrators, and ship operators alike.

In this webinar, Kongsberg Maritime will lead a focused discussion on:

• What the CRA means in practice for maritime systems and suppliers
• Why some of the requirements risk undermining rather than strengthening safety and compliance
• Specific technical and legal pushbacks being proposed
• How the maritime industry can engage to shape workable, sector-specific adaptations

This is an important conversation for anyone involved in the development, certification, or deployment of digital systems on board vessels.