
Workshop: Cyber Resilience Act – Make Your Software and Processes Fit for the Future

Cybersecurity is not just a trend. It’s the foundation for keeping your software secure and ready for the future. With the Cyber Resilience Act (CRA) and the NIS2 Directive, the EU is setting new standards for digital security – and your company can benefit from them. Now is the right time to take action.

In this workshop, we’ll review your development processes together and define the measures needed to make your existing software and workflows CRA-compliant. You will gain a clear understanding of CRA requirements and learn how to apply them effectively within a secure software development process.

The target group for this awareness training includes the entire development department of a company. It is designed for both technical and non-technical managers, as well as project leaders and software architects. Security officers and those responsible for quality assurance and processes will also benefit from the program. The training is particularly relevant for companies that develop and market software.
 

Key Takeaways

  • Understanding of CRA and secure software development lifecycle
  • Initial assessment of the security level of your development and support processes
  • Practical strategies for improving security processes
  • Concrete measures for secure software development
     

Workshop (1 day + 0.5 days Q&A)

Day 1

  1. Secure Software Development - Awareness Training (~2.5h)
    • Risks in software development
    • Overview of CRA, NIS2, IEC 62443-4-1
  2. Introduction to a software security lifecycle (~2h)
    • Employee qualification (role definition, training)
    • Secure development process (best practices)
    • Product Security Incident Response (PSIRT) process
  3. Joint gap analysis (~2h)
    • Analysis of the architecture & development process from a security perspective
    • Quality assurance: security tools, code reviews & tests
       

Q&A Session (0.5 days remote)

  • A few days after the workshop, our experts are available again remotely for one or more Q&A session(s)
     

Optional follow-up workshops

  • Joint threat analysis of a project & risk assessment
  • Project analysis with security tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA) with 3rd party vulnerability analysis)
  • Risk analysis of third-party components & SBOM integration
     


Workshop Moderator

 

Ralf King is a security expert and head of our “Cyber and Software Security” Competence Center. As a qualified software engineer, he has personally experienced the tasks and challenges in the various project phases from software developer to project manager, while establishing the topic of software security at an early stage. Today, he and his security team support the project teams in every phase and take care of the security development lifecycle in accordance with IEC 62443-4-1.