The talk provides an overview of the scope, content and practical implementation of the new EU cyber security regulations. In addition to the NIS 2 Directive, which sets out strict requirements for the cyber security of companies, the talk will also examine the new product-related requirements from the Cyber Resilience Act. The focus will be on the areas of application of the regulations, the obligations and liability risks and their implementation in the supply chain. In addition, the current status of the legislative process and best practices for compliance will be presented from a lawyer's perspective.