Impacting the CRA - Defining standards for the future

Impacting the CRA - Defining standards for the future
19 June 2025 09:30–18:00
Brussels and online

Date: Thursday 19 June 2025 | 09:30-17:00 CEST
Hybrid: Brussels and online
Venue: Autoworld , Parc du Cinquantenaire 11, 1000 Brussels, Belgium

 

The CYBERSTAND Annual Event is the flagship gathering of the CYBERSTAND.eu project.

This year's edition will take place at a strategic moment, the shift from the development of horizontal standards for the Cyber Resilience Act (CRA), which address cross-sectoral cybersecurity requirements applicable to all digital products and services, towards the development of vertical standards, tailored to the specific needs of individual sectors and product categories.

The event is designed to support and guide this transition, providing a platform to promote the CYBERSTAND Specific Service Procedures (SSPs), while strengthening collaboration with initiatives like STAN4CR.

Participants will benefit from a rich agenda that includes:

  • CRA Status and Implementation Update: An overview of the CRA implementation timeline, key challenges, and how standardisation efforts are being aligned.
     
  • Essential Requirements in Practice: A practical session explaining the CRA's essential requirements with concrete examples, supported by an interactive survey to assess awareness and implementation.
     
  • Pathways to Compliance: A discussion covering self-assessment, third-party conformity assessment, and the role of standards in simplifying CRA compliance.
     
  • Horizontal and Vertical Standards Roadmap: A status update on the development of horizontal and vertical standards under the CRA Standardisation Request, highlighting recent progress and future milestones.
     
  • How and Why You Should Contribute to Standards: Insights into the benefits of participating in the CRA standardisation activities.
     
  • Breakout Sessions on Vertical Standards and SME Challenges: Interactive workshops focusing on sector-specific standardisation priorities and SME-specific challenges, producing actionable recommendations and policy inputs.

This event is a unique opportunity for standardisation bodies, policymakers, industry stakeholders, SMEs, and Open Source community members to align, exchange ideas, and shape the next phase of CRA-related standardisation work.

 

Why join us onsite in Brussels?

  • Experience direct networking with policymakers and industry leaders
    Influence discussions, ask questions face-to-face, and be seen as an active player.
     
  • Join interactive breakout groups for in-depth discussions
    Share your perspective, shape recommendations, and bring visibility to your sector’s needs.
     
  • Build valuable connections over coffee and lunch
    Establish relationships that open doors to future collaborations and new opportunities.
     
  • Seats onsite are limited
    Make sure to secure your onsite spot now if you want to be in the room where decisions are influenced.

 

Agenda

Time (CET)Session DetailsSpeakers

09:00 - 09:30

Welcome coffee 

09:30 - 09:40 

Room: Minerva

Setting the scene and workshop objectives (DOWNLOAD SLIDES)Nicholas Ferguson, Trust-IT Services & Cyberstand.eu Coordinator

09:40 - 10:00

Room: Minerva

Opening address - Vision for a cyber-resilient single market (DOWNLOAD SLIDES)

CRA status, implementation next steps & timeline

 

Filipe Jones Mourão, Cybersecurity & Digital Privacy Policy, DG CONNECT, European Commission

 

10:00 - 10:20

Room: Minerva

Essential requirements of the Cyber Resilience Act (DOWNLOAD SLIDES)

Discover how much you know about the CRA and see some real-world examples of how standards can aid compliance.
 

Angelo D’Amato, Vulnir

10:20 - 11:00

Room: Minerva

Pathways To compliance 

We’ll be looking at compliance through standards and what it means in practice to apply a cybersecurity standard and to undergo 3rd party conformity assessment.
 

Chair:
Matteo Molé, ECSO

Panellists:
Dean Zwarts, TIC Council

Adela Prochazkova, Comap
 

11:00 - 11:30

Break 

11:30 - 13:00

Room: Minerva

Navigating CRA Compliance: Support Initiatives and Resources (DOWNLOAD SLIDES)

Presentation of the main support EU-funded projects and resources available to help organisations meet CRA requirements. This includes practical tools, and guidance aiming to simplify compliance efforts, especially for SMEs and open source contributors.

 

Chair
Roberto Cascella, ECSO

Mini-panel 1 - 11:30 - 12:00

Pablo Endres, SevenShift & CRACoWi

Lenka Gondová, Narodny Bezpecnostny Urad (NBU) & TRUSTBOOST

Ulrich Seldeslachts, LSEC & CRACY

 

Mini-panel 2 - 12:00 - 12:30

Philippe Ombredanne, OCCTET 

Mihai Paun, i-ENERGYLINK & CYBERFORT

Iva Tasheva, CYEN & CONFIRMATE

 

Mini-panel 3 - 12:30 - 13:00

Argyro Chatzopoulou, Apiroplus Solutions & CURIUM

Hristian Daskalov, DIH Trakia/Cyber4AllStars & OSCRAT

Patricia Shields, Cybercert Labs & CRA-AI

13:00 - 14:00

Networking lunch 

14:00 - 14:15

Room: Minerva

State of play: Horizontal and Vertical standards roadmap and introduction to the Break outs (DOWNLOAD SLIDES)Lucia Lanfri, CEN-CENELEC

14:15 - 15:30

Room: Executive room

Breakout sessions 1 - Product specific standards (DOWNLOAD SLIDES)

In this session, we will explore several vertical products included in the CRA standardization request, with a focus on how the standards will be developed to support the implementation of the CRA.

Chair: Kim Nordstrom, ETSI

Speakers:

Smart meter gateways: Enrico Frumento, Cefriel 

Hypervisors: Mohamad Hajj, Internet of Trust & Stan4cr Rapporteur

Consumer IoT: Kim Nordstrom, ETSI

14:15 - 15:30

Room: Mahy

Breakout sessions 2 - The CRA and challenges for SMEs (RECORDINGS)

Chair: James Philpott, DIGITAL SME Alliance

Speakers:

Patricia Shields, Cybercert Labs

14:15 - 15:30

Room: Minerva

Breakout sessions 3 - 
Risk management and assessment (DOWNLOAD SLIDES)

Chair: Lucia Lanfri, CEN-CENELEC

Speaker: Ben Kokx, Philips 

15:30 - 16:00

Break  

16:00 - 16:50

Room: Minerva

Plenary - Breakout chairs report & synthesis followed by open floor

The chairs deliver breakout reports, a live poll ranks outputs priority, and the top three actions gain instant follow up through upcoming CYBERSTAND events.

Chair:
Lucia Lanfri, CEN-CENELEC

16:50 - 17:00

Room: Minerva

Summing up the event and next stepsNicholas Ferguson, Trust-IT Services & Cyberstand.eu Coordinator

17:00 - 18:00

Networking cocktail