Making Cybersecurity Compliance Easier:
Risk Analysis and Threat Modeling

As the necessity for robust cybersecurity is being shaped by international compliance legislation, device makers face new obligations across their product lifecycle, from development to EOL.

Using the EU Cyber Resilience Act (CRA) as an example, this joint webinar from Toradex, NXP & Doulos will demonstrate that getting your cybersecurity risk assessment and threat modeling right isn’t just a box to tick - it's actually the foundation of all of your compliance activities.

This webinar will provide:

• A view of the CRA’s stipulation for a risk assessment and the evolving standards landscape, to see what will likely be strictly required.
• A look at the effect a product’s risk assessment has on the rest of its CRA compliance obligations, to illustrate why it’s so important.
• A practical introduction to threat modeling, with real-world examples.
• An overview to how hardware security features can provide concrete security controls that can shrink attack surfaces and make threat models easier to manage.
• An example of a successful implementation of the risk analysis process.

This session will help you understand how to implement a risk assessment strategy that’s aligned with evolving regulatory requirements. It’s useful for anyone interested in maximizing the security of connected devices, but essential viewing if you're leading development, product security or compliance.

Webinar highlights:

• Relevant CRA sections that mandate risk assessment and threat modeling
• Why a good, correctly scoped risk assessment eases compliance burdens
• How to create a threat model
• How hardware-backed security features can help.