Login
logo
Compare

CRA for manufacturers owning industrial connectivity - 09:00 CEST

Join our practical, engineering-level webinar on what the Cyber Resilience Act (CRA) actually requires and what it changes for your product, your organization, and your long-term responsibilities. 

  • What CRA actually requires from device makers and machine builders  
  • Where most manufacturers underestimate the scope and risk  
  • What changes if you own your connectivity stack  
  • How to approach compliance without rebuilding everything  

Date & time: 

Wednesday 21th of May | Morning session 09.00 CEST

  • 45-minute expert presentation  
  • 15-minute live Q&A 
  • Practical, example-driven (not theoretical)  

Switch to 4 PM CEST Session

Why attend this webinar 

Most discussions about the Cyber Resilience Act stay at a high level. This webinar does not. If you develop, own, or brand the connectivity inside your device, CRA makes you responsible for: 

  • Security throughout the entire product lifecycle  
  • Vulnerability handling and disclosure  
  • Software documentation (SBOM)  
  • Secure updates for 10–15+ years  
  • Proving all of the above with evidence  

This is not theory, it is a fundamental shift in how connected industrial products must be built and maintained. In this session, we go beyond the regulation itself and explain what it means in real engineering terms. 

What you will learn 

1. What CRA changes if you own connectivity 
Why connectivity is now treated as part of the product’s attack surface, What responsibility you carry vs what can be outsourced , and where most OEMs are currently exposed.  

2. What CRA actually requires in practice 
- Secure development lifecycle (what CRA “formally” requires)  
- Vulnerability monitoring, patching, and disclosure  
- SBOM and long-term traceability  
- Update strategies for long product lifecycles  


3. Why “we already do security” is often not enough 
The gap between current practice and CRA expectations, Why evidence and repeatability matter more than intent, and typical blind spots in legacy connectivity.

4. Why CRA is painful but necessary 
Why voluntary security hasn’t worked in industrial systems, How CRA changes accountability across the supply chain , and what manufacturers actually gain long-term (less firefighting, clearer ownership, stronger customer trust).  

5. What your practical options are going forward 
Keep ownership vs shift responsibility, When replacing legacy connectivity makes sense, and what work you can realistically avoid and what you cannot.

Jens_Jakobsson_bio