New EU regulations: Cyber ​​security for radio devices from August 2025!

New EU regulations: Cyber ​​security for radio devices from August 2025!

EU, Europa - Cybersecurity for radio systems will be lifted to a new level from August 2025. The aim is to increase resilience networked devices compared to cyber attacks. All devices are affected by radio interfaces that are placed in the EU and need CE marking, including communication devices such as mobile phones or radio devices, IoT and smart devices as well as control systems in the area of ​​Operational Technology (OT) [ Elektro.net ].

This is an expansion of the guideline via radio systems and telecommunications devices (red). According to [ wiot.group ] it is essential for manufacturers to identify and close security gaps and to create an extensive documentation process. Especially devices such as reader, printers, labelers and a variety of other internet -enabled products fall under this regulation.

technical requirements and support

The new regulations contain strict technical requirements for the hardware and software architecture of products. This means that the devices must not have weaknesses that could endanger networks. Data protection also plays a crucial role, especially for devices with health care. Personal data must be processed protected. Functions such as mobile payment processes must also be covered against manipulation [ Elektro.net ].

The TQ Group offers manufacturers support, including a practice-oriented guide for the implementation of the new requirements. The implementation could be time-consuming, especially if software or hardware changes are required [ wiot.group ].

background and relevance

This development is in the context of a drastic increase in cybercrime in Europe. According to the federal paramedic cybercrime in 2023 of the Federal Ministry of the Interior and for Homeland (BMI) and the Federal Office for Security in Information Technology (BSI) there was an increase of 28 percent in the period examined [ wiot.group ]. In addition, the EU Commission has put further measures to strengthen resistance to online and offline threats with the NIS-2 directive and the CER directive [ ec.europa.eu ].

The higher demands on cyber security risk management and the more precise reporting obligations for incidents reflect the endeavors to better protect critical sectors and infrastructure in the EU. In the expansion of the previous provisions, Member States must now adopt national strategies for the identification of critical institutions and regularly carry out risk assessments [ ec.europa.eu ].

In the core, the new regulation aims to strengthen consumers' trust in digital technologies and to ensure the safety of networked devices. Time is pushing, and manufacturers now have the task of preparing for the changes that will knock on the door in 2025.