This session offers a clear overview of the EU Cyber Resilience Act (CRA), why it matters, and how it will shape the future of product cybersecurity across Europe. It brings together stakeholders and EU Commission experts to unpack the CRA’s key provisions, its impact across industries, and the shared path toward a more secure and competitive digital single market.
Participants will learn how the CRA introduces horizontal cybersecurity requirements for all products with digital elements, making security a built-in feature rather than an afterthought. The session will clarify what the new rules mean for manufacturers, software developers, importers, distributors and SMEs, especially as the EU enters the three-year transition period before full application.
The event will also highlight the ongoing work at European level to support compliance: guidance, implementation steps, cooperation between institutions and industry, and the standardisation activities enabling the CRA in practice. Attendees will gain practical insights into how the regulation strengthens supply-chain security, protects consumers and contributes to Europe’s strategic autonomy in the digital space.
CYBERSTAND.eu contribution
CYBERSTAND.eu will join the session with a dedicated presentation on how the Cyber Resilience Act can be made accessible and achievable for smaller businesses. The project coordinator Nicolas Ferguson will outline the concrete actions CYBERSTAND.eu is taking to support SMEs in meeting the CRA’s new obligations. The presentation will showcase how the project helps smaller companies understand their compliance duties, access guidance and training, and navigate the transition period through practical tools, community expertise and capacity-building activities. CYBERSTAND.eu will also highlight how its work aligns with the broader European effort to ensure that the CRA strengthens cybersecurity without creating disproportionate burdens for SMEs.
Agenda
10:00 - 10:10 Welcome by Christiane Kirketerp de Viron, Acting Director for Cybersecurity and Trust, DG CONNECT, European Commission
10:10 – 10:50 The CRA explained: objectives, scope, and practical implications. Cooperation across institutions, industry and Member States: who does what. Turning CRA into reality: key phases of the implementation phase, guidance, and ongoing regulatory efforts and Q&A
10:50 – 11:20 From compliance to innovation: turning regulation into opportunity and state of the play of the standardisation work supporting the CRA. European Standardisation Organisations - CEN-CENELEC (Lucia Lanfri), ETSI (Kim Nordström ), and Q&A
11:20 – 11:50 Making the CRA fit for SMEs: actions to support compliance of smaller businesses.
Presentation by European projects: CYBERSTAND.eu (Nicolas Ferguson) & SECURE (Danilo D'elia) and Q&A.
11:50 – 12:00 Conclusions Q&A
REGISTER NOW