online event
An Introduction to the EU Cyber Resilience Act (CRA)
Already joined the UK Export Academy? Sign in
Are your products CRA compliant? In the session you will learn about the requirements of the EU Cyber Resilience Act (CRA), a wide-ranging framework governing the cybersecurity of digital products sold in the EU.
What you’ll learn
- Understand if your product is covered under the CRA legislation
- Understand your obligations in order to comply with the CRA
- Understand the requirements for the handling of security vulnerabilities throughout the lifecycle of your digital product
- Learn how to demonstrate compliance with the requirements of the CRA
Description
during the event we will outline the essential cyber security requirements that manufacturers must meet when placing any product with digital elements into the EU market.
The CRA has been issued to address the significant cost of Cybercrime in the EU (estimated to be over 5Tn Euro) which is often performed by exploiting inadequate security in the software used within digital products. The CRA was passed to protect consumers and businesses by ensuring that everyday devices like smartwatches, baby monitors, and routers meet a certain level of security throughout their lifecycle.
The CRA defines mandatory cybersecurity standards for digital products in the EU.
The EU Cyber Resilience Act (CRA) was approved by the EU on 10th December 2024. There is a 3-year transition period with partial implementation in September 2026 before full compliance in December 2027. With some requirements starting in 19 months, businesses must act quickly to ensure compliance and avoid penalties.
The session will help you understand the timetable for the CRA, the scope of products addressed by the CRA and the responsibilities of the manufacturers in using the software supply chain.
You will learn about the mandatory security requirements which need to be implemented in the design and production of any digital product in order to comply with the CRA.
Speakers
Anthony Harrison
Founder and Director, APH10
Anthony has been developing and delivering mission-critical applications for over 40 years where he has held various roles in software, systems and cyber engineering, and technical leadership. He now runs APH10 which supports businesses in developing software-based products securely with particular emphasis on minimising the risk from the software supply chain.