Panel Discussion on CRA & RED: Allies or Antagonists? (S20b)
This expert panel will delve into a range of key issues concerning cybersecurity and regulatory standards. They will explore the juxtaposition of process security, as defined by the Cybersecurity Resilience Act (CRA), and the focus on device functionality, particularly under the Radio Equipment Directive (RED). The panel will shed light on differences in security and assurance requirements across various domains and deployment environments, taking into account different user types. They will address questions about the long-term compatibility of these regulations, whether one might eventually supersede the other, and if there’s room for cross-referencing to identify gaps. The talk will also consider how manufacturers are preparing to navigate these evolving standards and how aligning requirements could optimize certification processes. The potential for using the same standards for conformance assessment across different legislations and regulations, as well as achieving alignment with regional policies, will be explored. The impact of these regulations on international requirements, particularly in the US, will also be discussed. The panel will offer insights into whether the extensive legislative and regulatory frameworks are the right approach or if a voluntary one, such as labeling as seen in the US Cyber Trust Mark, is a viable alternative.