EU Cybersecurity Compliance for Industrial Manufacturers

From Kaohsiung to Europe: Bridging Cybersecurity Compliance with Akenatech and OTEGO Group

Two new European Union regulations are quietly reshaping the rules for any foreign manufacturer aiming to sell connected devices in the EU market. The Cyber Resilience Act (CRA) and the Machinery Regulation (MR) are introducing rigorous cybersecurity compliance requirements that are fundamentally altering market access. Companies that fail to comply will lose their ability to obtain the CE marking, effectively barring them from the European market.

These challenges are often misunderstood, and the timeline to achieve compliance is shorter than many executives anticipate. To address these developments, OTEGO Group joined the Kaohsiung and France: Innovation Links a New Future forum in Kaohsiung, Taiwan, on May 22, 2026. At this event, we introduced Akenatech’s industrial cybersecurity expertise to local industry leaders, highlighting the path forward for Taiwanese manufacturers navigating these new European standards.

OTEGO Group and participants at the Kaohsiung and France: Innovation Links a New Future — OTEGO Group at the Kaohsiung & France: Innovation Links a New Future forum

Kaohsiung & France: A Strategic Dialogue

The forum brought together 50 representatives from 32 French companies, alongside officials from the French Office in Taipei, the French Chamber Taiwan, and the Kaohsiung City Government.

Within this context, five companies were selected to present their solutions and discuss the future of the France-Taiwan economic relationship. It was in this forum that OTEGO Group presented on Akenatech, a French industrial cybersecurity firm specializing in EU compliance for hardware manufacturers, addressing the exact regulatory challenges Taiwanese manufacturers now face.

Alain Patrick Tieu from OTEGO Group, Akenatech’s official Asian partner, presents their industrial cybersecurity services.

The Regulations: What the CRA and MR Require

Both regulations target manufacturers of machinery and digital products sold in the EU, mandating cybersecurity and control system security as a prerequisite for the CE marking.

Two new regulations were created to target manufacturers of machines and digital products sold in EU. These regulations require companies to implement cybersecurity protections and control system security as a condition of obtaining a CE marking.

What is the Machinery Regulation (EU 2023/1230)?

The Machinery Regulation (MR) ensures that all machinery released to the market meets the highest level of health and safety standards. This regulation covers digitalization, cybersecurity, and modern technologies, requiring mandatory risk assessments to identify and mitigate hazards throughout a machine’s lifecycle. Manufacturers must prioritize user safety during operation, maintenance, and disposal, specifically implementing corruption protection and control system security.

While the regulation entered into force on July 19, 2023, it becomes fully applicable across all EU states on January 20, 2027.

What is the Cyber Resilience Act (EU 2024/2847)?

The Cyber Resilience Act (CRA) is the EU’s first horizontal regulation establishing cybersecurity requirements for hardware and software products. It affects manufacturers, importers, and distributors throughout the product lifecycle. Any manufacturer wishing to sell in the EU will need to comply regardless of where their offices or manufacturing plants are located.

The regulation is being implemented in two phases:

September 11, 2026: Vulnerability and incident reporting obligations begin.
December 11, 2027: Full application of all the remaining requirements, including conformity assessments and technical documentation.

Because product redesign and certification can take over a year, many manufacturers, particularly SMEs, remain exposed. They often lack the internal expertise to navigate the complex compliance roadmap required to maintain their CE marking.

Akenatech: Your Partner in EU Compliance

Based in Lyon, France, Akenatech specializes in helping hardware manufacturers navigate EU compliance. ISO 27001 and IEC 62443 certified, Akenatech provides direct access to EU-notified certification bodies, supporting companies through the full compliance journey.

Evaluate: Regulatory gap analysis, cyber risk assessment, and a customized compliance roadmap.
Comply: Secure product architecture, corrective measures, vulnerability management, and internal team training.
Validate: Compliance assessment, lab testing, CE certification file preparation, and final validation.

OTEGO Group: Akenatech’s Official Partner in Asia

As Akenatech’s official partner in Asia, we work directly alongside their team of experts to guide you through every stage of the compliance process. By combining Akenatech’s specialized technical knowledge, gained through their work as a leading French cybersecurity firm, with our local support, we provide a seamless experience for manufacturers in Taiwan, India, Japan, and across the broader Asian market.

Together, we help you evaluate your current product status, implement necessary security upgrades, and build a fully compliant, market-ready roadmap to ensure your products remain competitive in the European Union.

Book a Consultation

Resources for Manufacturers

For more information on the topics covered in this article, or to help your team prepare for these upcoming regulatory shifts, refer to the following sources:

Kaohsiung City Government – Forum Coverage: Official event report on the Kaohsiung and France: Innovation Links a New Future forum.

Akenatech – Industrial Cybersecurity and EU Compliance: Access specialized support, white papers, and expert consultations for EU market entry.

Akenatech: Understanding the Cyber Resilience Act: An expert technical overview of the CRA requirements.

— OTEGO Group – Official Asia Partner for Akenatech