
CRA Ready: Governance, Vulnerability Management & Beyond

Written by Frank Morris | Apr 7, 2026 5:36:40 PM

The EU Cyber Resilience Act (CRA) is reshaping how organizations design, develop, and maintain digital products — and the clock is ticking. With sweeping requirements that touch everything from secure-by-design principles to mandatory vulnerability disclosure, security leaders can no longer afford a wait-and-see approach.

Join us for a candid fireside chat with seasoned cybersecurity practitioners and compliance experts as we cut through the regulatory noise and discuss practical strategies for organizations large and small.

Our conversation will explore:

  • CRA Strategies for Security Leaders: We'll explore how CISOs and security executives are reprioritizing budgets, driving cross-functional alignment, and communicating CRA obligations to boards — without losing momentum on existing programs.
  • Governance, Risk & Compliance (GRC) in a CRA World: We’ll share how organizations are integrating CRA requirements into existing GRC frameworks like NIS2, ISO 27001, and GDPR to reduce duplication and build audit-ready compliance programs.
  • Vulnerability Management Under the CRA: We'll break down what a modern vulnerability management program needs to look like to meet the CRA's demanding disclosure timelines, remediation expectations, and ongoing product support obligations.

Whether you're just getting started on your CRA journey or refining an existing compliance roadmap, this fireside chat will cover actionable insights, new perspectives, and a clearer picture of how other organizations are prioritizing their efforts.


Speakers



Frank Morris
Chief Revenue Officer
DefectDojo

John Waller
Risk Advisory Practice Lead
UltraViolet Cyber