Cyber Resilience Act Strategy

The best way to start your journey towards Cyber Resilience Act compliance

What can I expect?

This service package is designed to give you the right tools to understand the implications of the upcoming Cyber Resilience Act (CRA) for your IoT devices. After starting with a holistic introduction into the topic, Cumulocity’s dedicated experts will support in evaluating your current architecture, identifying gaps, and implementing a solution that aligns with the CRA and your product roadmap as well as your current IT infrastructure and processes.

The whole engagement will be conducted partially remotely and partially onsite within 5 days based on a fixed price contract.

How does it work?

To ensure a smooth and logical procedure, Cumulocity will navigate through the following phases:

1. CRA Introduction Phase - Required Knowledge Ramp-Up

  • Introduction into the world of CRA including main regulations and timelines
  • Focus on core requirements and its related challenges for manufacturers of connected IoT devices
  • Presentation of proposed CRA reference architecture combining different components
  • Walkthrough of checklist covering all information which customer has to prepare for the second phase of the engagement

2. CRA Gap Analysis - Hands-On Examination

  • Review and clarification of core requirements and corresponding challenges
  • Customer-led introduction into current technical landscape and supported hardware
  • Identification of already fulfilled regulatory requirements
  • Conduction of fit-gap analysis between current state and to-be state
  • Gathering of open topics to achieve CRA compliance
  • Prioritization of existing obstacles
  • Determination of adequate measures and actions for risk elimination
  • Definition of customized reference architecture as well as required actions and recommendations to get there

3. CRA Conclusion - Presentation and Documentation

  • The results of the workshop are summarised and shared with the customer and presented to all involved stakeholders on both sides
  • The deliverable is the customized reference architecture as well as the prioritised and pre-validated CRA strategy including a short, medium and long-term action plan

What will I gain?

  • Well-founded introduction into the CRA universe
  • Expert guidance to confidentially tackle upcoming CRA challenges

Who should participate?

  • Security Architect
  • Solution Architect
  • System Administrator/Operator

What results can I expect from this offer?

  • Future and CRA-compliant reference architecture
  • Prioritized CRA strategy as well as dedicated actions and recommendations to achieve compliance within the legally prescribed timelines
  • Advice as well as hands-on support from a dedicated expert related to all raised CRA concerns and questions

Professional services

By submitting this form I understand that Cumulocity and its group of companies may contact me with information about its products, services and events and I give consent to Cumulocity to process my personal data for these purposes. I understand that I can withdraw consent at any time by following the unsubscribe link in any email I receive.  For information on our privacy policy and your rights, check out our privacy policy.