The
Cyber Resilience Act and Horizontal Standards Workshop is a unique opportunity to gain insights into the
key elements of the Cyber Resilience Act (CRA) and to
participate in discussions with other experts to influence the future of cybersecurity and resilience in Europe through the horizontal standards that are developed to support the CRA.
The Cyber Resilience Act (CRA) aims to enhance
EU cybersecurity by ensuring that digital products and services remain secure throughout their lifecycle. It promotes proactive risk management and accountability, enabling businesses and users to collaborate, building a safer digital future. To support CRA implementation, the European Commission has issued a standardization request to the European Standardization Organizations, focusing on both horizontal standards for a generic framework and vertical standards for specific product risks. This workshop will highlight the
work on the horizontal standards required for CRA compliance.
The workshop will give an
overview of the Cyber Resilience Act, highlighting the key role of standardization and the way forward. The workshop will provide a comprehensive understanding of how standards can effectively mitigate risks, enhance cybersecurity posture, and ensure that products and services are aligned with the legal expectations set forth by the CRA.
Topics Covered
This workshop focuses on the critical sets of standards that are currently under development:
Generic Essential Security Requirements (SR CRA, items 2-14)
Establishing fundamental security requirements for products with digital elements, including authentication and access control mechanisms, cryptographic requirements and key management, secure communication protocols, data protection and privacy safeguards, and incident logging and monitoring capabilities.
Why participate?
The workshop provides a unique platform for you to influence the development of the horizontal CRA standards and to share your expertise, insights, and experiences. By participating, you will have the opportunity to shape the future of cybersecurity practices and ensure that the standards developed are comprehensive, practical, and effective.
Target group
Manufacturers and distributors of products with digital elements covered by the Cyber Resilience Act, cybersecurity and standardization professionals, technology industry representatives, certification and assessment bodies, academic institutions and researchers, cybersecurity consultants and auditors, and other stakeholders eager to share their expertise to help shape the future CRA standards.
About STAN4CR
The development of harmonized European standards is essential for the successful implementation of the Cyber Resilience Act (CRA). The STAN4CR project, funded by EISMEA (European Innovation Council and SMEs Executive Agency), plays a pivotal role in the drafting process of harmonized standards to support CRA compliance, with a clear focus on delivering the standards by October 2026.
Beyond its technical goals, the project aims to raise public awareness and actively involve key stakeholders in the standardization process. Through these efforts, STAN4CR strives to enhance cyber resilience across the EU Single Market while promoting broader societal engagement in standardization, including participation from SMEs, Open-Source Communities, Academia, and other key actors within the digital ecosystem.
This workshop and the STAN4CR project are funded by the European Union through the European Innovation Council and SMEs Executive Agency (EISMEA), under Grant Agreement No. 101196779.
More information: [https://www.stan4cra.eu/]
The STAN4CRA project will organize three dissemination workshops on CRA standards development. The first workshop was held in Copenhagen, organized by DS. Follow this link to find the presentations and videos of the speakers:
https://www.ds.dk/en/our-services/workshop-cyber-resilience-act
Simplified Agenda
Time slot |
Activities |
9:30 – 10:00 | Registration and Welcome Coffee |
10:00 – 10:15 | Opening and Introduction |
10:15 – 10:30 | Spanish Landscape: National Cybersecurity Strategy |
10:30 – 10:50 | Overview of the Cyber Resilience Act (CRA) |
10:50 – 11:10 | Introduction to Standardization and Workshop Objectives |
11:10 – 11:30 | Coffee Break |
11:30 – 12:10 | Workshop presentation: Cybersecurity Requirements for Products with Digital Elements |
12:10 – 13:10 | Start of the Dynamic Workshop: Case Study |
13:10 – 14:00 | Lunch Break |
14:00 – 15:30 | Continuation of the Dynamic-Workshop and feedback gathering
|
15:30 – 15:50 | Coffee Break |
15:50 – 16:40 | Closure of the Dynamic Workshop on the Case Study |
16:40 – 16:50 | Next Steps for CRA’s Standardization Development |
16:50 – 17:00 | Closing Words |