Which legislation and standards apply to the industry?

18. 7. 2025

A variety of legislative frameworks and technical standards apply to both organizations and products:

Legislation:

NIS2 + new Cybersecurity Act – defines obligations for medium and large enterprises in key sectors (including manufacturing)
Cyber Resilience Act (CRA) – applies to all digital products placed on the EU market (including software, devices, and combined solutions)
RED Delegated Act – supplements the Radio Equipment Directive with cybersecurity requirements for wireless products (effective from August 1, 2025)
AI Act – upcoming EU regulation for AI systems, defining requirements based on risk levels (especially in areas like production control, quality, or predictive maintenance)

Standards:

ISO/IEC 27001 – Information Security Management System (for organizations)
IEC 62443 – Cybersecurity for industrial control systems and components (also applies to product development)
EN 18031 – Product vulnerability assessment and security testing (relevant for RED)
ETSI EN 303 645 – Baseline standard for consumer IoT cybersecurity
ISO/IEC 42001 – New international standard for AI system management, focused on transparency, risk management, and auditability

!!!Note: Management systems like ISO/IEC 27001 or the new Cybersecurity Act apply only to organizations—not products. Product and device security requires entirely different approaches, primarily based on IEC 62443.

Name	Domain	Purpose	Expiry	Type
pll_language	it.ezu.cz	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.	1 year	HTTP
elementor	it.ezu.cz	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.	never	HTTP

Name	Domain	Purpose	Expiry	Type
_ga	it.ezu.cz	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.	2 years	HTTP
_gid	it.ezu.cz	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.	1 day	HTTP
_gat_UA-88740921-10	it.ezu.cz	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.	1 minute	HTTP

Which legislation and standards apply to the industry?

Menu

Useful information