Cyber Resilience Act (CRA) – Security & Incident Reporting Information
About the Cyber Resilience Act
The EU Cyber Resilience Act (CRA) (Regulation (EU) 2024/2847) establishes mandatory cybersecurity requirements for products with digital elements placed on the European Union market.
The purpose of the CRA is to ensure that hardware and software products are designed, developed, and maintained with cybersecurity in mind throughout their lifecycle. The Cyber Resilience Act applies in phases:
Phase 1: Incident reporting obligations starting in September 2026.
Phase 2: Full compliance required from December 2027.
Our Commitment to Cybersecurity
As a manufacturer of industrial robotic systems, we are committed to ensuring that our products meet the cybersecurity requirements of the EU Cyber Resilience Act (CRA).
Cybersecurity is an ongoing process. We continuously improve our secure development lifecycle, vulnerability management procedures, and monitoring capabilities to meet evolving regulatory and threat landscapes.
Phase 1: Reporting Security Incidents or Vulnerabilities
Under the Cyber Resilience Act, manufacturers must:
Report certain incidents to the relevant authorities
Inform affected customers when appropriate
To support this process, we have established a dedicated cybersecurity contact channel. If you:
Detect a cybersecurity vulnerability in one of our products
Suspect unauthorized access, exploitation, or malicious activity
Experience a cybersecurity incident related to our robot systems
Require clarification regarding a potential reportable incident
Please contact us immediately using the details below.
Dedicated Cybersecurity Contact
Email: cybersecurity@wemogroup.com
When reporting an issue, please include:
Customer name
Robot serial number (Wxxxxxx)
Description of the issue or incident
Date and time detected
Contact details for follow-up