Accessibility expertise to ensure inclusive cybersecurity in software products with digital elements
Horizontal standards for security requirements
Horizontal standards for vulnerability requirements
Vertical standards for security requirements
What does the work you will carry out for the CYBERSTAND SSP consist of?
This project aims to bridge the gap and mitigate possible contradiction or overlap between cybersecurity and accessibility by ensuring that new cybersecurity standards do not unintentionally exclude users with disabilities, contradict existing accessibility principles or expose products and services for unnecessary risks because of disabled users’ specific needs. The Cyber Resilience Act (CRA) introduces mandatory cybersecurity requirements for digital products across their lifecycle. Many of these products are also in scope of the European Accessibility Act (EAA), creating a need to harmonise cybersecurity and accessibility standards. To avoid conflicts and ensure inclusive security measures, digital accessibility experts will be supporting the CRA standardisation process. I am leading a group of experts who are reviewing, commenting and contributing to deliverables related to cybersecurity, ensuring they align with accessibility needs under the EAA.
What is the expected result and impact of this activity?
By proactively integrating accessibility into the CRA standardisation process, this contribution supports regulatory harmonisation, protects consumers, and strengthens Europe’s internal market. The alignment of cybersecurity and accessibility standards ensures that digital consumer products remain both secure and inclusive, benefiting businesses, consumers, and policymakers across the EU. The proposed contribution is expected to have a significant impact on the Cyber Resilience Act (CRA) standardisation request and on broader European interests, particularly in ensuring that cybersecurity and accessibility requirements are aligned in consumer products with digital elements.
Which aspects of the Cyber Resilience Act (CRA) standardisation are you focusing on?
The project is focusing on horizontal standards as well as vertical standards. Emphasis will be placed on products with user interfaces, as these fall under the scope of the Cyber Resilience Act (CRA) and are also intended for use by people with disabilities. Without appropriate measures to address eAccessibility, there is an increased exposure to cybersecurity risks, and it is important to address this.
