First Conference on EU Cyber Resilience Law: CYBICS 2023 in Frankfurt Offers Expert Advice
- Security experts will provide an overview of EU Cyber Resilience Act compliance, security and best practices at the seventh CYBICS conference
- When and where: April 20, 2023, starting at 9 am at the House of Logistics and Mobility (HOLM)
Duesseldorf, March 14, 2023 – For manufacturers, importers and distributors of devices and equipment with digital elements – any product that contains a microchip – a common theme is currently emerging: the challenge of complying in the future with the EU Commission’s new law, the Cyber Resilience Act (CRA). The isits AG International School of IT Security, together with industry partners, invites to the first specialist conference on the Cyber Resilience Act. CYBICS 2023, now in its seventh year, will be held under the title „Compliance, Security and Best Practices: the Cyber Resilience Act“ and will be organized together with partners such as product cybersecurity specialist ONEKEY, TÜV Rheinland and hardware manufacturer utimaco. „The CRA sets the course for the coming decades in the security of IT assets in the coming decades – from small devices to industrial control systems in production. This requires a major paradigm shift in the process, new mechanisms must be created and the industry must set its own standards to avoid falling into the trap of penalties for breaches. With the conference, we provide an overview and concrete assistance for companies along the entire value chain of IT devices of all kinds,“ says Birgitte Baardseth, executive board of the organizer isits AG.
Cybersecurity of IoT/ICS/OT
The conference with prominent speakers from the security and IT industry will provide a comprehensive overview of the compliance requirements of the new EU Cyber Resilience Act. One of the key topics will be the product cybersecurity of IoT/ICS/OT devices and equipment seen from a regulatory perspective. Expert presentations and a panel discussion will provide an in-depth understanding of the CRA requirements and provide concrete guidance on solutions. Speakers include experienced IT legal experts, a representative from the German Federal Office for Information Security (BSI), a company representative from Bosch, a speaker from CERT@VDE, the certification body in the German Association of Engineers in Electrical, Electronic & Information Technologies, and the CEO of a leading IoT security technology vendor. Jan Wendenburg, CEO of ONEKEY, will provide an introduction to the topic. ONEKEY is one of the leading European platforms for automated product cybersecurity & compliance analysis and can fully automatically detect possible CRA violations in software and propose solutions within minutes.
Live hacking exposes serious security vulnerabilities
„The Cyber Resilience Act is valuable in protecting businesses and their ability to create value, as well as protecting home users, but it requires a number of measures to be concerted among manufacturers, importers and distributors. Due diligence and reporting requirements are strict, and third parties product components are also subject to the CRA. Timely preparation and implementation are necessary to avoid products taking much longer to reach the market in the future,“ advises CYBICS speaker Jan Wendenburg. His company, which specializes in IoT security analysis of industrial plants and IoT devices, recently presented a comprehensive written guide to this end, summarizing the essential measures for industry and practical advice on how to implement them, which can be requested here. To demonstrate the ease of a modern cyber-attack on industrial communication and control systems, a live hacking session by internationally renowned white hacker Quentin Kaiser will demonstrate during the seventh CYBICS how quickly modern devices and plant control systems can become a threat.
The full conference programme and agenda, including all speakers, can be found at this link: https://www.cybics.de/programm.html.
ONEKEY is a leading European specialist in product cybersecurity. The unique combination of an automated security & compliance software analysis platform and consulting services by cybersecurity experts provides fast, comprehensive analysis, and solutions in the area of IoT/OT product cybersecurity. Building upon automatically generated „Digital Twins“ and „Software Bill of Materials (SBOM)“ of devices, ONEKEY autonomously analyzes firmware for critical security vulnerabilities and compliance violations, all without source code, device, or network access. Vulnerabilities for attacks and security risks are identified in the shortest possible time, and can thus be remediated in a targeted manner. The easy-to-integrate solution enables manufacturers, distributors, and users of IoT technology to quickly and continuously perform 24/7 security and compliance audits throughout the product lifecycle. Leading international companies in Asia, Europe, and America are already successfully benefiting from the ONEKEY platform and experts.