
New Training: EU Cyber Resilience Act (CRA)
SecuRESafe (SRES) is now offering a one-day training course focused on the EU Cyber Resilience Act (CRA). The course provides engineers and technical leaders with a practical understanding of the CRA from an engineering perspective, including how the regulation applies to connected products and products with digital elements.
Participants will explore product classification, responsibilities of manufacturers and other economic operators, conformity assessment pathways, essential cybersecurity requirements, vulnerability handling, technical documentation, and lifecycle compliance obligations. The course emphasizes how CRA requirements translate into practical engineering activities and product development workflows for connected products, including robotics, industrial automation, IoT, and other products with digital elements.
Why Attend?
- Understand the scope, purpose, and implementation timeline of the EU Cyber Resilience Act (CRA)
- Learn how the CRA applies to connected products and products with digital elements
- Explore product classification, including Default, Important Class I, Important Class II, and Critical products
- Understand responsibilities of manufacturers, importers, distributors, and other economic operators
- Navigate conformity assessment pathways and recognize when third-party assessment by a notified body is required
- Apply essential cybersecurity requirements to engineering and product development workflows
- Recognize lifecycle obligations for vulnerability handling, incident reporting, technical documentation, and ongoing product support
Key Topics Include:
- CRA overview, scope, implementation timeline, and relationship to other European regulatory frameworks
- Products with digital elements and connected product development environments
- Roles and responsibilities across the product lifecycle
- Product classification and practical classification examples
- Conformity assessment, notified bodies, harmonized standards, CE marking, and Declarations of Conformity
- Essential cybersecurity requirements, including secure-by-default design, attack surface reduction, credential management, cryptography, SBOM, and secure development practices
- Vulnerability and incident handling, including ENISA reporting obligations and coordinated vulnerability disclosure
- Technical documentation, cybersecurity risk assessments, threat modeling, and lifecycle compliance
Who This Training Is For
This course is intended for engineers, cybersecurity professionals, product managers, and technical leaders involved in developing connected products intended for the European market, including those working with:
- Systems, software, hardware, and cybersecurity engineering for robotics, industrial automation, IoT, and other connected products
- Product development, cybersecurity, and regulatory compliance
- CE marking and product conformity activities
- Products being prepared for compliance with the EU Cyber Resilience Act
Expert Instructors
SRES instructors deliver this training based on practical experience in cybersecurity, functional safety, and safety-critical product development.
Bring This Training to Your Team
This training is currently available on request as a private, one-day course, delivered virtually or in person.


