Workshop: Cyber Resilience Act and the horizontal standards

Date and Time
April 8, 2025, from 9:30 AM to 5:30 PM

Location
Online / Tivoli Hotel, Arni Magnussons Gade 2, Copenhagen, Denmark

The Cyber Resilience Act (CRA) aims to enhance EU cybersecurity by ensuring that digital products and services remain secure throughout their lifecycle. It promotes proactive risk management and accountability, enabling businesses and users to collaborate in building a safer digital future. To support CRA implementation, the European Commission has issued a standardization request to the European Standardization Organizations, focusing on both horizontal standards for a generic framework and vertical standards for specific product risks. This workshop will highlight the work on the horizontal standards required for CRA compliance.

The workshop will give an overview of the Cyber Resilience Act, highlighting the key role of standardization and the way forward. The workshop will provide a comprehensive understanding of how standards can effectively mitigate risks, enhance cybersecurity posture, and ensure that products and services are aligned with the legal expectations set forth by the Act.

The workshop is an opportunity for participants to engage in discussions on two critical sets of standards that are currently under development:

• Principles for cyber resilience: Designing, developing, and producing products with digital elements in such a way that they ensure an appropriate level of cybersecurity based on the risks.
• Vulnerability handling for products with digital elements.

Why should you participate?

The workshop provides a unique platform for you to influence the development of the horizontal CRA standards and share your expertise, insights, and experiences. By participating, you will have the opportunity to shape the future of cybersecurity practices and ensure that the standards developed are comprehensive, practical, and effective.

Target group

Manufacturers and distributors of products with digital elements covered by the Cyber Resilience Act, and other stakeholders eager to share their expertise to help shape the future CRA standards.

Draft agenda

• 9.30 Registration
• 10.00 Welcome and the presentation of the agenda of the day
• 10.10 A brief overview of the Cyber Resilience Act (CRA), key elements, requirements, and the significance of standardization
• 10.30 A short introduction to standardization
• 10.45 Coffee break
• 11.05 Presentation of the workshop's goal
• 11.15 Workshop round 1: Principles for cyber resilience
• 13.00 Lunch
• 14.00 Workshop round 2: Vulnerability handling
• 15.45 Coffee break
• 16.05 Case presentation: Implementing standards - preparation for the CRA in a global company
• 16.35 Next steps for the standardization development
• 16.55 Goodbye and thank you
• 17.00 Networking and drinks
• 17.30 Ending

Contact

STAN4CR: Strengthening Cyber Resilience through European Standardization

The development of harmonized European standards is essential for the successful implementation of the Cyber Resilience Act (CRA). The STAN4CR project, funded by EISMEA (European Innovation Council and SMEs Executive Agency), plays a pivotal role in the drafting process of harmonised standards to support CRA compliance, with a clear focus on delivering the standards by October 2026.

Beyond its technical goals, the project aims to raise public awareness and actively involve key stakeholders in the standardization process. Through these efforts, STAN4CR strives to enhance cyber resilience across the EU Single Market while promoting broader societal engagement in standardization, including participation from SMEs, Open-Source Communities, Academia, and other key actors within the digital ecosystem.

This workshop and the STAN4CR project are funded by the European Union through the European Innovation Council and SMEs Executive Agency (EISMEA), under Grant Agreement No. 101196779.

Signup for the workshop