Summary Panel Discussion: Global Vendors, European Rules—A Transatlantic Dialogue on the Cyber Resilience Act (P23a)
The Cyber Resilience Act will apply to any ICT product placed on the EU market — regardless of where it is designed, developed, or manufactured. For non-EU vendors, this means aligning global product strategies with a distinctly European regulatory framework.
This panel brings together senior cybersecurity leaders from major non-European ICT manufacturers alongside a European Commission policy official directly involved in the CRA. Together, they will examine the real-world implications of the Act for global companies seeking continued access to the EU market.
The discussion will focus on practical hurdles facing non-EU vendors: documentation burdens, vulnerability reporting obligations, conformity assessment pathways, supply-chain transparency, and the challenge of aligning CRA requirements with existing global regulatory frameworks. Panelists will explore where friction remains, where clarification is still needed, and how implementation realities compare with policy intent.




