CRACoWI Partner erminas to Contribute to German Webinar on the Cyber Resilience Act on 19 June

The Cyber Resilience Act (CRA) is increasingly becoming a topic of discussion among companies across Europe. While organisations are working to understand the new requirements, many are asking a more fundamental question: how can they develop products that remain secure and trustworthy throughout their lifecycle?

To support this transition, CRACoWI consortium partner erminas GmbH will participate in the upcoming German-language webinar organised by IHK Oldenburg in cooperation with CYBERsicher – Transferstelle Cybersicherheit im Mittelstand.

📅 19 June 2026, 10:00 – 12:00 AM CEST | online

During the webinar, Dr. Yvette Teiken (erminas GmbH) and Dr. Matthias Kampmann (EASY.CRA) will provide both a regulatory overview and practical perspectives on implementing the CRA.

Participants will gain insight into:

  • what the CRA regulates and who it affects;
  • why the European Union is introducing these requirements;
  • practical challenges related to Software Bills of Materials (SBOMs), vulnerability management, and documentation obligations;
  • pragmatic approaches for integrating CRA requirements into existing processes.

The session is aimed at SMEs with digital products, machinery and plant manufacturers, IoT manufacturers, and professionals working in IT, product development, and compliance who want to prepare for the CRA in a structured and practical way.

For CRACoWI, participation in events such as this reflects the project’s commitment to sharing knowledge beyond the consortium, engaging directly with industry stakeholders, and contributing to the broader European effort to help organisations navigate the transition towards CRA readiness.

👉 Further information and registration are available via the IHK Oldenburg event page: MORE INFO & REGISTRATION

CRAcademy Webinar: How CRA Tools Simplify Compliance

Understanding the scope of the Cyber Resilience Act (CRA) is one thing; meeting its requirements in practice is another.

As the CRA prepares to replace the cybersecurity requirements under the Radio Equipment Directive from December 2027, manufacturers are entering a new phase of readiness. The challenge is no longer just understanding the regulation, but translating legal obligations into compliant products, practical processes, and demonstrable evidence.

To support organisations on this journey, the CRACoWi project invites you to join the next session of the CRAcademy webinar series From Pain Points to Market Readiness – How CRA Tools Simplify Compliance, on 25 June 2026, at 11 AM CEST.

This practical webinar focuses on the reality of CRA implementation. Drawing on experiences from the field, it explores the recurring issues that often delay manufacturers on their path to compliance and demonstrates how a new generation of CRA tools can transform slow, manual activities into structured and repeatable processes.

Participants will gain insight into some of the most common pain points organisations encounter, including incomplete interface inventories, cryptography gaps, and documentation that cannot be easily verified. The session will show how these challenges can be addressed in ways that are actionable for product teams and aligned with the expectations of the regulation.

Designed as a bridge between regulation and engineering reality, the webinar will help attendees better understand what practical CRA readiness looks like and how organisations can prepare efficiently for market placement and future certification activities.

This session is particularly relevant for:

  • Manufacturers of connected and digital products;
  • Engineers, system architects, and product security teams;
  • Product managers and compliance professionals translating requirements into implementation;
  • SMEs preparing for CRA implementation and certification.
    What will you learn?

By attending, you will:

  • Understand why security-by-design sits at the heart of the CRA;
  • See who is responsible for what across manufacturers, consultants, and notified bodies;
  • Recognise the common pain points that lead to costly delays and understand why they occur;
  • Learn how CRA tools reduce manual, error-prone work into repeatable processes;
  • Get direct answers to your questions during the live Q&A session.

📅 26 June 2026 🕚 11:00 AM CEST | ONLINE

Participation is free of charge.

👉 Register today and take the next step from compliance pain points to market readiness.

Meet the Speaker

The session will be presented by Katherine Leese from SevenShift.

Originally from New Zealand and now based in Cologne, Germany, Katherine brings a unique and practical perspective to cybersecurity. After retraining in her forties to become an IT specialist for system integration, she combines hands-on technical experience with an understanding of the real-world challenges organisations face when implementing cybersecurity requirements.

As part of the CRACoWi project, SevenShift contributes to raising awareness about the Cyber Resilience Act and developing practical tools to support compliance. Katherine’s work focuses on helping bridge the gap between regulatory expectations and engineering reality, making complex requirements more understandable and actionable for manufacturers and SMEs alike.

Outside of work, she enjoys parenting a teenager and exploring how technology connects to everyday life.

If you are looking for practical guidance on moving from understanding the CRA to implementing it, this webinar is designed for you.

Participation is free of charge.

👉 Register today and take the next step from compliance pain points to market readiness.

CRACoWi to Join CRA Cluster Event in Malta

📅21 May 2026 | 8:45 – 15:30 CEST | Venue DiHubMT, Malta | Hybrid | English | Free

The CRACoWi project will take part in the upcoming CRA Cluster event in Malta, organised as part of the Cyberstand`s EU Tour under the theme “CRA Standards Unlocked.”

This event brings together key stakeholders from EU-funded projects, industry, and standardisation bodies to discuss the implementation of the Cyber Resilience Act (CRA) and the role of standards in supporting compliance.

Through its participation, CRACoWi will contribute to discussions on how to translate CRA requirements into practical tools and approaches for manufacturers and SMEs. The event provides an opportunity to exchange knowledge, explore synergies with related initiatives, and strengthen collaboration within the CRA ecosystem.

Participation in such events is an important part of CRACoWi’s activities, ensuring that project results remain aligned with real-world needs and contribute to a coordinated European approach helping organisations better understand, prepare for, and implement CRA requirements in practice.

Find out more following the button link:

CRAcademy Webinar Series – A Structured Training Path for Cyber Resilience Act Compliance

CRACoWi is launching the CRAcademy webinar series – a structured set of training sessions designed to support manufacturers, SMEs, and product teams in navigating the EU Cyber Resilience Act (CRA) from understanding to implementation and compliance.

The CRA introduces mandatory cybersecurity requirements for products with digital elements placed on the EU market. While many organisations are aware of the regulation, uncertainty often remains around how obligations translate into practical steps, technical requirements, and demonstrable compliance.

The CRACoWi addresses this gap through CRAcademy training series, workshops and by developing practial tools.

1. CRA Overview, Regulatory Landscape, and Product Classification

FEB 18, 2026 // 11:00 – 12:00 CET

This session provides a structured, practical introduction to the CRA, focusing on how to correctly interpret the regulation, understand its scope, and position your product within the CRA classification framework. You will also gain clarity on how the CRA aligns with and differs from other relevant EU regulations, helping you avoid misinterpretation and compliance gaps.

The webinar is designed as a foundational training session and sets the baseline for all subsequent CRA-related technical and compliance activities.

2. CRA Standards, Risk Analysis, and Technical Requirements

MARCH 26, 2026 // 11:00 – 12:00 CET

This webinar focuses on the practical building blocks of CRA compliance: the current state of standardisation, how risk analysis is expected to be performed, and what the CRA requires in terms of technical cybersecurity measures. You will gain clarity on how harmonised standards support compliance, how risk analysis connects legal obligations to technical controls, and how to interpret the CRA’s technical requirements in a way that is actionable for product teams.

This session is designed as a bridge between regulation and engineering reality.

3. Conformity Assessment, CE Marking, and Vulnerability Management under the CRA

APRIL 14, 2026 // 11:00 – 12:00 CET

Understanding the Cyber Resilience Act is not enough -manufacturers must demonstrate compliance. This webinar focuses on the final and most critical phase of CRA readiness: conformity assessment procedures, the rules and logic behind CE marking, and the ongoing obligations related to vulnerability handling and reporting. You will learn how CRA compliance moves from internal preparation to formal assessment, market placement, and post-market obligations, and how vulnerability handling becomes a continuous compliance requirement rather than a one-off activity.

The session concludes with actionable next steps, translating regulatory obligations into a realistic compliance roadmap.

Speaker

Michael Beine bureau veritas

Michael Beine, Business Unit Manager – CyberSecurity, Bureau Veritas CPS Germany

Michael Beine has over 20 years of experience in the Testing, Inspection, and Certification (TIC) industry. He has led testing and approval activities for a wide range of wireless technologies and developed testing procedures and services for connected and IoT devices.

In recent years, his work has focused on cybersecurity. He acts as a cybersecurity auditor for industrial automation components and systems in line with the IEC 62443 standard and leads cybersecurity services at Bureau Veritas Consumer Product Services in Germany. He is a recognised expert in regulatory cybersecurity compliance for connected products, including RED-DA and the Cyber Resilience Act (CRA).

Subscribe For Updates

WEBINAR: Threat Modelling under the Cyber Resilience Act

📅 20 November 2025 | 14:00–15:00 CET | Online | English | Free

Join us for the first CRACoWi project webinar with Katherine Leese from SevenShift, to explore a practical, evidence-based threat modelling process that aligns directly with the CRA’s risk-assessment and documentation requirements.

Are you ready for the Cyber Resilience Act (CRA)? The CRA requires manufacturers to understand and document cybersecurity risks in their connected products – but how do you actually do that in practice?

This hands-on session bridges the gap between paper compliance and practical, testable security – giving you a repeatable approach adaptable to your own environment.

What you’ll learn:
– How to use Data Flow Diagrams (DFDs) to map system context,
– How to apply STRIDE to identify threats,
– How to link findings to real attacker techniques using MITRE,
– How the CRACoWi Wizard supports you in gathering the right evidence and demonstrating CRA readiness.

Who should attend: Engineers, product security teams, managers, and anyone involved in designing, building, or securing connected products.

ℹ️ This webinar is the first in a series of CRAcademy training sessions — practical learning opportunities designed to help you navigate and implement the Cyber Resilience Act with confidence.