Blog @ Telecom Application Developer Summit (TADS)

Skip to content
  • TADS Home
Event Review

TADSummit Special: The EU Cyber Resilience act

March 21, 2023 Alan Quayle 5 Comments

Olle Johansson, Experienced consultant in network security and real time communication – PKI, webrtc, SIP , XMPP. Kamailio and Asterisk expert.

Sandro Gauci, CEO / Senior Penetration Tester / Chief mischief officer at Enable Security

Here are the links to Olle’s presentation and Sandro’s mindmap. Videos are below, along with a brief description and commentary.

The proposed EU cyber resilience act (CRA) is a new legislation that will soon come into force. The act gives vendors a huge responsibility for the security features in sold products and gives customers a transparency into the products as well as five years of free security upgrades for all products. Manufacturers (and distributors of non-EU products) will have to implement vulnerability handling processes, be transparent of components in their products and implement security by default in all products.

What is the current state of IP communications? How will CRA affect everything from phones, to apps , servers and Open Source projects? Will the CRA lead to more secure communication or just be a blocker for innovation and progress?

Learn what the CRA means for you and your company, for manufacturers and for the market in general.

Commentary

For the real-time communications industry this is the definitive review of the EU cyber resilience act (CRA), with lots of practical explanations on their Secure by Design recommendations.

Olle provides a good definition of what is meant by cyber security, see picture below, especially given Cyber is an oft-used marketing term. This picture relates cyber security (protection from attacks by bad actors online), with IT Security, Information Security and general Security.

The Apache LOG4J vulnerability has triggered many governments to put in place new laws to protect their citizens as the balance of power is too far over with the vendors. The CRA has a 24 month implementation timeline, and will impact mobile apps and embedded systems. SaaS services like UCaaS may not be impacted, unless there is device management function.

The big stick to follow CRA is a 15 million Euro fine, or 2.5% of worldwide revenues. Given most software is 80-95% open source, the OSS community are working on processes and automation tools. If you’re selling apps or customer devices or even a SaaS that controls a device you need to start planning now on how to achieve compliance with the EU CRA.

Sandro provides a great practical review of the CRA’s secure by design recommendations for the real time communications industry. It shows the importance of following his RTCSec newsletters. A term both Olle and Sandro use is Security needs shift left. That is be included in the initial phase of product development, not part of QA.

cyber securityEnable SecurityEU CRAEU Cyber Resilience actOlle JohanssonRTCSec newsletterSandro Gaucisecure by design

Post navigation

Previous PostTADSummit 2023 Agenda, 19/20 Oct, ParisNext PostTADSummit Special: Silent Authentication

5 thoughts on “TADSummit Special: The EU Cyber Resilience act”

  1. Pingback: TADSummit Special, March 21-23 - Blog @ Telecom Application Developer Summit (TADS)
  2. Pingback: CXTech Week 15 2023 News and Analysis - Alan Quayle Business and Service Development
  3. Pingback: CXTech Week 18 2023 News and Analysis - Alan Quayle Business and Service Development
  4. Pingback: Free and Open Source Software in Telecoms / Communications. Issues and Likely Development. - Alan Quayle Business and Service Development
  5. Pingback: Mid year Review 2023: The BS in Telecoms is Too Damn High - Alan Quayle Business and Service Development

Comments are closed.

Learn, Share, Code, Create!

Recent Posts

  • TADSummit online Conference, The Australian Election. Which messaging technology won? MMS, SMS or RCS? John Stuckey.
  • TADSummit Online Conference, 30th April, Dan Petrie, The Geeky Side of vCon
  • Podcast 114: Truth in Telecoms David Casem, Telnyx
  • TADSummit Online Conference, 23rd April, Visor.ai, Gonçalo Consiglieri
  • TADSummit Online Conference, 16 April, Threat Models and Counter Intelligence

Recent Comments

  • TADSummit 2025 Online Conference Agenda - Blog @ Telecom Application Developer Summit (TADS) on TADSummit online Conference, The Australian Election. Which messaging technology won? MMS, SMS or RCS? John Stuckey.
  • TADSummit 2025 Online Conference Agenda - Blog @ Telecom Application Developer Summit (TADS) on TADSummit Online Conference, 30th April, Dan Petrie, The Geeky Side of vCon
  • Podcast 114: Truth in Telecoms David Casem, Telnyx - Blog @ Telecom Application Developer Summit (TADS) on Podcast 110: Truth in Telecoms: There is no KYC, Jason Welch
  • TADSummit 2025 Online Conference Agenda - Blog @ Telecom Application Developer Summit (TADS) on TADSummit Online Conference, 23rd April, Visor.ai, Gonçalo Consiglieri
  • TADSummit Online Conference, 23rd April, Visor.ai, Gonçalo Consiglieri - Blog @ Telecom Application Developer Summit (TADS) on Unified compliance for human and AI agents with Call Score. Surbhi Rathore, CEO & Co-Founder, Symbl.ai

Archives

  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • August 2022
  • June 2022
  • May 2022
  • December 2021
  • November 2021
  • October 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • December 2020
  • November 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • February 2020
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • November 2018
  • October 2018
  • September 2018
  • April 2018
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • November 2013
  • October 2013
  • September 2013
  • August 2013

Categories

  • Announcements
  • Developer
  • Event Review
  • Examples
  • News
  • Podcast
  • Sponsors
  • TADHack
  • TADSummit Online Conference
  • TADSummit Preview
  • TADSummit Revisited
  • Telco Focused
  • Uncategorized
https://www.buyventolin.net/
© 2014 JAQ Events - All Rights Reserved