Workshop: Cyber Resilience Act and the horizontal standards

The Cyber Resilience Act (CRA) aims to enhance EU cybersecurity by ensuring that digital products and services remain secure throughout their lifecycle. It promotes proactive risk management and accountability, enabling businesses and users to collaborate in building a safer digital future. To support CRA implementation, the European Commission has issued a standardization request to the European Standardization Organizations, focusing on both horizontal standards for a generic framework and vertical standards for specific product risks. This workshop will highlight the work on the horizontal standards required for CRA compliance.

The workshop will give an overview of the Cyber Resilience Act, highlighting the key role of standardization and the way forward. The workshop will provide a comprehensive understanding of how standards can effectively mitigate risks, enhance cybersecurity posture, and ensure that products and services are aligned with the legal expectations set forth by the Act.

The workshop is an opportunity for participants to engage in discussions on two critical sets of standards that are currently under development:

Principles for cyber resilience: Designing, developing, and producing products with digital elements in such a way that they ensure an appropriate level of cybersecurity based on the risks. Vulnerability handling for products with digital elements.