Let’s be honest. Secure development often feels like a maze of frameworks, checklists, and compliance requirements. Whether you're wrangling with threat models or trying to keep up with the latest cybersecurity regulations, it’s easy to feel overwhelmed. But what...
In today’s hyperconnected world, digital elements are embedded in everything from smart home devices to industrial machinery. However, with innovation comes responsibility. The EU Cyber Resilience Act (CRA) is reshaping the landscape by introducing a risk-based approach to cybersecurity, requiring all products with digital components to undergo a thorough cybersecurity risk assessment before hitting the market.
About Valmet Valmet has a global customer base across various process industries. The company is a leading global developer and supplier of process technologies, automation, and services for the pulp, paper, and energy industries. With Valmet’s automation and flow...
The EU Cyber Resilience Act is a fundamental change. Its impacts range from portfolio and product management and procurement to development, manufacturing, maintenance and cyber security response. The following mind map summarises the aspects of the act that I...
Chances are that if you are building any type of non-trivial software product, you are standing on the shoulders of giants and rely on an existing ecosystem of open source or commercial components. You cannot really compile even the simplest Hello World in C...
This post is the third part of a series of blog posts, where we discuss the impacts of the new EU Cyber Resilience Act and compare it briefly to the industrial cybersecurity standard IEC 62443. In this Part 3, we will discuss the practical implications that the act...
This post is the second part of a series of three blog posts, where we discuss the impacts of the new EU Cyber Resilience Act (CRA) and compare it briefly to the industrial cybersecurity standard IEC 62443. If you haven't read Part 1 of the series yet, then you can...
This post is the first part of a series of three blog posts, where we will discuss the impacts of EU's new Cyber Resilience Act from the point of view of product development teams and cybersecurity practitioners. This first part introduces the act and focuses on its direct consequences.