This site has limited support for your browser. We recommend switching to Edge, Chrome, Safari, or Firefox.

Cart 0

No more products available for purchase

Products
Pair with
Add order notes
Subtotal Free
Shipping, taxes, and discount codes are calculated at checkout

Your Cart is Empty

workshop

EU Cyber Resilience Act (CRA)

Overview

The EU Cyber Resilience Act (CRA) is landmark legislation that sets mandatory cybersecurity requirements for all Products with Digital Elements (PDEs) sold in the EU market. It applies to hardware and software, and requires manufacturers to embed security from the earliest design phase through the entire product lifecycle.

This one-day, on-site workshop provides a structured, practical introduction to CRA compliance, covering key topics such as applicability, economic operator roles, product criticality, and cybersecurity risk assessment.


Workshop format

The workshop combines an introduction to the EU regulatory framework with exercises, discussions, and practical tools that support CRA implementation and compliance activities.

Goal

After completing this workshop, participants will have a shared understanding of the legal obligations imposed by the EU Cyber Resilience Act and how these apply to their products and organisation.

The workshop can be tailored to your organization’s needs and may include topics such as:

• CRA policy background and regulatory drivers

• Product applicability assessment

• Economic operator roles and obligations

• Product classification as Default, Important (Class I/II), or Critical PDEs

• Cybersecurity risk assessment and risk scoring

• Secure-by-design principles across the product development lifecycle

Participants will gain sufficient knowledge and practical experience to lead or contribute to a CRA compliance programme immediately after the workshop.


Participants

The workshop is intended for companies that develop, manufacture, import, or distribute products with digital elements that are placed on the EU market.
As CRA compliance is a company-wide effort rather than an engineering-only activity, the workshop is relevant for stakeholders across engineering, product management, quality, cybersecurity, and regulatory functions.

The workshop is suitable for:

• Decision-makers and managers responsible for product strategy, compliance, quality, and business operations

• Development engineers working on connected products

• Security engineers and architects involved in product cybersecurity


Recommended group size

The workshop is designed for interactive discussions and practical exercises. We therefor recommend a minimum of 5 participants and a maximum of 10 participants.


Previous knowledge

No prior knowledge of EU cybersecurity regulation is required. It is beneficial if participants have a good understanding of company-wide processes.

Basic familiarity with the following is beneficial:

• Software or hardware product development

• General concepts of IT security or risk management

• Product lifecycle from design through to market release



Core workshop content

  • CRA in the EU
  • Applicability
  • Economic Operator Role
  • Product Criticality
  • Risk Assessment

Optional extended content
  • Compliance & Conformity
  • Post-Market Monitoring

Summary

This workshop provides a practical introduction to the EU Cyber Resilience Act, structured around the four compliance steps every manufacturer must complete before placing a product on the EU market.

Through a combination of structured presentations and hands-on group exercises – with plenary debriefs at the whiteboard – participants gain a thorough understanding of key CRA concepts, from applicability and economic operator roles to product classification and cybersecurity risk assessment.

After completing the workshop, participants will be equipped to lead or contribute to a CRA compliance programme, supported by a set of ready-to-use templates. They will also understand the competitive opportunity: organisations that achieve early compliance gain market access advantages and a differentiated security credential in the EU market.


Ready to discuss your CRA journey?

Contact us to discuss an on-site workshop tailored to your organization.