Currently, an increasing fragmentation of the legal requirements for cyber security for products and services is taking place. At the same time, there is an increasing need to strengthen the cyber resilience of products, processes, services and systems. Therefore, German industry advocates five principles that should be taken into account by the EU and national governments in current and upcoming legislative proposals in the area of cyber security.