欧盟网络安全局（ENISA）：2026年中小企业CRA调查报告（英文版）

The Cyber Resilience Act (CRA) ( 1 ) introduces new cybersecurity requirements for products with digital elements placed on the EU market. With the regulation entering into application in December 2027, manufacturers, distributors and importers, including small and medium-sized enterprises (SMEs), will need to ensure that their products meet cybersecurity requirements throughout the product life cycle. Since SMEs make up a large part of EU´s digital ecosystem, their ability to understand and