23-25 March, 2027 | Steigenberger Wiltcher's, Brussels

CRA: From Theory to Practice (R12a)

Translate the Cyber Resilience Act from legislative theory to practical implementation strategies.
25 Mar 2026
1:20 pm
Ballroom C

CRA: From Theory to Practice (R12a)

The Cyber Resilience Act (CRA) marks a significant step forward in improving cybersecurity across Europe. However, putting it into practice will not be without challenges. Its wide scope, ambitious deadlines, and the need for clear, consistent guidance will require careful attention from everyone involved. In this talk, the speakers will reflect on the main aspects, difficulties encountered in the willing to be CAB perspective and possible solutions that the speakers foresee in moving the CRA from theory to real-world application. Based on the speakers’ experience, the speakers will also share practical insights that may help make the transition smoother. The speakers will reflect on how to establish common rules that apply across different sectors and when it is appropriate to rely on environmental assumptions to address specific threats. Drawing on previous regulatory experiences and existing security certification schemes, the speakers will consider the lessons that can support the practical implementation of the CRA, including the assessment of new conformity evaluation modules and proposals. To mitigate the current lack of detailed guidance for these entities, the speakers will highlight the importance of developing clear procedures and guidelines as well as fostering collaboration among stakeholders. Finally, the speakers will consider how greater alignment and mutual recognition across different conformity assessment processes could help manage the overall complexity of the EU’s cybersecurity framework more effectively.