In an era of growing cyber threats, the European Union and the United States have taken a major step toward enhancing global cybersecurity. On January 30, 2024, both sides signed an Administrative Arrangement on a Joint CyberSafe Products Action Plan, reinforcing their commitment to securing consumer IoT products. This collaboration aims to advance technical cooperation and work toward mutual recognition of cybersecurity requirements for IoT hardware and software, ultimately strengthening consumer protection while easing compliance for businesses.

This agreement builds on existing cybersecurity frameworks. In the EU, the Cyber Resilience Act (CRA) establishes security requirements for digital products, while in the U.S., the Cyber Trust Mark Program serves as a labeling system to help consumers identify secure IoT products. By aligning regulatory approaches, the EU and U.S. are working toward a seamless transatlantic market for trusted digital products, making it easier for companies to comply with consistent security standards while enhancing global cybersecurity.

As part of this initiative, both sides are committed to developing a shared cybersecurity lexicon and taxonomy, improving coordination in standards development, and exploring potential alignment of certification processes. The Action Plan highlights the importance of fostering collaboration between governments and industry players, ensuring that regulations remain effective and practical. European Commissioner Thierry Breton emphasized that this agreement brings “concrete benefits for consumers and businesses” and reinforces the shared commitment to strengthening cybersecurity across borders.

The CRACoWi project (Cyber Resilience Act Compliance Wizard) plays an essential role in supporting businesses – particularly SMEs – by helping them navigate cybersecurity regulations, assess compliance under the Cyber Resilience Act, and integrate security-by-design principles into IoT product development. By providing clear guidance on certification processes, CRACoWi ensures that companies can meet regulatory requirements without being overwhelmed by complexity.

With this agreement in place, the EU and U.S. are setting the stage for stronger cybersecurity cooperation. Their focus on harmonizing security standards, promoting international best practices, and fostering industry engagement will help shape a more resilient digital ecosystem. As the world becomes increasingly interconnected, initiatives like these are vital to ensuring the safety and trustworthiness of digital products.