Roman Zhukov

Principal Architect, Red Hat

Demystifying the EU CRA (Cyber Resilience Act) and its 5 Common Misconceptions

The EU Cyber Resilience Act (CRA) is often seen as a regulation aimed solely at commercial devices in the European market. But that’s one of several common misconceptions. In reality, the CRA introduces mandatory cybersecurity requirements that affect a much broader range of stakeholders — including software companies, open-source developers, maintainers, integrators, distributors, and enterprise users — across the globe. To help your organization be better prepared, in this talk we’ll debunk the 5 most widespread myths about the CRA and explain how to ensure that you stay compliant. You’ll gain clarity on how the different CRA roles like Manufacturer, Open Source Software Steward, and Individual Developer play together and how those roles map to real-world products and organizations.

Bio:
Roman is a cybersecurity expert and leader with 17+ years of experience securing complex systems and products. As Principal Architect at Red Hat, he drives open-source security strategy and cross-industry collaboration to build trusted software ecosystems. Formerly, he led Product Security & Privacy for Data Center and AI software at Intel. Roman contributes to global open-source security initiatives and standardization efforts, including the EU Cyber Resilience Act. He is also a university lecturer, startup advisor, and mentor, advocating for practical and responsible cybersecurity.