Responding to EU CRA: Zyxel Group States Companies Should Adjust from Supply Chain Collaboration Perspective
Zyxel Group's CISO, Yu Zhengqing, highlighted that the EU Cyber Resilience Act (CRA) emphasizes security governance throughout the entire product lifecycle. He stressed that companies need to adjust from the perspective of supply chain collaboration. Zyxel Group will announce its response strategies to the CRA at the CYBERSEC 2026 Taiwan Cybersecurity Conference.
📋 Article Processing Timeline
- 📰 Published: May 5, 2026 at 15:36
- 🔍 Collected: May 5, 2026 at 16:02 (25 min after Published)
- 🤖 AI Analyzed: May 5, 2026 at 16:45 (43 min after Collected)
Central News Agency
(Central News Agency reporter Pan Chih-ching, Taipei, 5th) Zyxel Group's Chief Information Security Officer, Yu Zhengqing, stated today that many companies still underestimate the impact of the EU's "Cyber Resilience Act" (CRA), viewing it as an extension of regulatory compliance or vulnerability patching. However, the CRA places greater emphasis on security governance throughout the entire product lifecycle. Therefore, adjustments must be made from the perspectives of product governance, process management, and supply chain collaboration.
Yu Zhengqing explained via press release that the EU CRA will officially launch its reporting obligations on September 11, 2026, and its related impact is gradually extending to the entire business-to-business (B2B) supply chain, not just manufacturers directly selling products in the European market.
He pointed out that when facing the CRA, companies can no longer adhere to the traditional cybersecurity mindset of the information technology (IT) industry. Instead, they must readjust from the perspectives of product governance, process management, and supply chain collaboration. Through concrete implementation methods and phased strategies, Zyxel aims to help Taiwanese enterprises transform product security into a continuously accumulating capability, further enhancing international market competitiveness.
As international cybersecurity regulatory requirements continue to rise, ransomware attacks are increasingly industrialized, and the potential threat of quantum computing decryption is gradually emerging. Zyxel Control will present three special sessions at the CYBERSEC 2026 Taiwan Cybersecurity Conference, held from the 5th to the 7th, focusing on the impact of the EU CRA on the supply chain, the application of AI in cybersecurity operations, and the risks and response directions in the post-quantum era, proposing key countermeasures for enterprises to strengthen cybersecurity resilience.
The Cyber Resilience Act (CRA) is a mandatory digital product security regulation that establishes unified EU cybersecurity standards for all hardware and software with digital functions. Violators will face sales bans or fines.
In addition, facing a massive volume of cybersecurity alerts, cybersecurity operations teams often spend a lot of time dealing with ineffective noise. Gao Xiang, manager of Black Cat Information, a subsidiary of Zyxel specializing in cybersecurity operations for Taiwan's high-tech industry and government agencies, will share how to use AI to help enterprises shift from "alert-driven" to "event-driven," integrating multiple alerts through correlation analysis to quickly identify high-risk threats.
Zyxel Control stated that facing the accelerated development of quantum computing and automated attacks driven by generative AI, cybersecurity risks have evolved from single-point intrusions to complex threats in integrated scenarios involving cloud, supply chain, information technology (IT) systems, and operational technology (OT). "Harvest Now, Decrypt Later" has brought the long-term risks of current public-key encryption to the forefront, forcing adjustments to traditional encryption and internal/external network boundary protection models. As cross-domain data exchange becomes the norm, upgrading cybersecurity protection without interrupting operations has become a critical issue. (Editor: Yang Lanxuan) 1150505
Choose to stand with facts; every sponsorship you provide is a force for protecting press freedom.
Download the Central News Agency "First-hand News" APP to stay updated with the latest news.
The text, images, and videos on this website may not be reproduced, publicly broadcast, or publicly transmitted and used without authorization.
(Central News Agency reporter Pan Chih-ching, Taipei, 5th) Zyxel Group's Chief Information Security Officer, Yu Zhengqing, stated today that many companies still underestimate the impact of the EU's "Cyber Resilience Act" (CRA), viewing it as an extension of regulatory compliance or vulnerability patching. However, the CRA places greater emphasis on security governance throughout the entire product lifecycle. Therefore, adjustments must be made from the perspectives of product governance, process management, and supply chain collaboration.
Yu Zhengqing explained via press release that the EU CRA will officially launch its reporting obligations on September 11, 2026, and its related impact is gradually extending to the entire business-to-business (B2B) supply chain, not just manufacturers directly selling products in the European market.
He pointed out that when facing the CRA, companies can no longer adhere to the traditional cybersecurity mindset of the information technology (IT) industry. Instead, they must readjust from the perspectives of product governance, process management, and supply chain collaboration. Through concrete implementation methods and phased strategies, Zyxel aims to help Taiwanese enterprises transform product security into a continuously accumulating capability, further enhancing international market competitiveness.
As international cybersecurity regulatory requirements continue to rise, ransomware attacks are increasingly industrialized, and the potential threat of quantum computing decryption is gradually emerging. Zyxel Control will present three special sessions at the CYBERSEC 2026 Taiwan Cybersecurity Conference, held from the 5th to the 7th, focusing on the impact of the EU CRA on the supply chain, the application of AI in cybersecurity operations, and the risks and response directions in the post-quantum era, proposing key countermeasures for enterprises to strengthen cybersecurity resilience.
The Cyber Resilience Act (CRA) is a mandatory digital product security regulation that establishes unified EU cybersecurity standards for all hardware and software with digital functions. Violators will face sales bans or fines.
In addition, facing a massive volume of cybersecurity alerts, cybersecurity operations teams often spend a lot of time dealing with ineffective noise. Gao Xiang, manager of Black Cat Information, a subsidiary of Zyxel specializing in cybersecurity operations for Taiwan's high-tech industry and government agencies, will share how to use AI to help enterprises shift from "alert-driven" to "event-driven," integrating multiple alerts through correlation analysis to quickly identify high-risk threats.
Zyxel Control stated that facing the accelerated development of quantum computing and automated attacks driven by generative AI, cybersecurity risks have evolved from single-point intrusions to complex threats in integrated scenarios involving cloud, supply chain, information technology (IT) systems, and operational technology (OT). "Harvest Now, Decrypt Later" has brought the long-term risks of current public-key encryption to the forefront, forcing adjustments to traditional encryption and internal/external network boundary protection models. As cross-domain data exchange becomes the norm, upgrading cybersecurity protection without interrupting operations has become a critical issue. (Editor: Yang Lanxuan) 1150505
Choose to stand with facts; every sponsorship you provide is a force for protecting press freedom.
Download the Central News Agency "First-hand News" APP to stay updated with the latest news.
The text, images, and videos on this website may not be reproduced, publicly broadcast, or publicly transmitted and used without authorization.