CRA challenges for IoT devices – Direct Insight, the UK-based technical systems integrator & value-added reseller of system-on-module (SoM) devices & other embedded systems, will join the IoTSF (IoT Security Foundation) monthly webinar in April, as it presents a CRA Special on Thursday 23rd April at 14:00 BST (09:00 EDT; 15:00 CET; 16:30 IST). Since 2023, the popular IoT Security Foundation monthly webinar series has covered cybersecurity hot topics, offering must-see viewing for anyone with interest in what’s happening now and next in the world of connected devices.
April’s webinar will be a CRA special, featuring cybersecurity industry experts, David Pashley and Mustanir Ali. The EU Cyber Resilience Act (CRA) is one of the most far‑reaching CE‑marking regulations to date – and it will impact a wide range of hardware, software and connected products placed on the EU market. Coming into full force in December 2027, the CRA will significantly expand cybersecurity obligations for connected products. If you manufacture, design or supply wireless or digital equipment, this is a session you can’t afford to miss.
IoTSF Regulatory Watch expert and co-founder & Managing Director at embedded systems integrator & value-added reseller, Direct Insight, David Pashley will discuss CRA challenges for IoT devices. As CRA deadlines loom, the last minute may be simply too late for IoT devices which can’t feasibly be made sufficiently secure in time. What design choices can developers of embedded systems at the edge make right now to reduce the cost and pain of the compliance journey which will inevitably be imposed when management finally gets the memo?
Obsessed by electronics from an early age, industry veteran, Pashley began his career by developing a commercially successful software development tool at the age of 19. After his Master’s degree at Imperial College London, with a dissertation in safety-critical hardware design, Pashley followed a career in mainly commercial positions, before co-founding Direct Insight in 1992. His work now spans both engineering and business roles, with special interest in how the embedded development cycle adapts to explosively increasing parallel demands for complexity, safety and security.
Mustanir Ali, Head of Cyber Product Assurance at testing, inspection & certification services provider, Element will also discuss CRA reporting obligations, which from September 2026, will require manufacturers to notify actively exploited vulnerabilities and severe incidents having an impact on the security of their product with digital elements.
