The message from RSA Conference 2025 in San Francisco couldn’t be clearer: cybersecurity compliance is no longer a nice-to-have — it’s a must-have. For manufacturers of connected devices, this shift is happening fast, and the companies that adapt early will be the ones that thrive.
Why This Matters Now More Than Ever
If you're a device manufacturer, you already know the landscape is shifting. Regulatory frameworks are tightening, technical requirements are getting more complex, and customer expectations are evolving.
Now, imagine cutting through that complexity with a platform that streamlines the entire cybersecurity compliance journey — turning regulatory chaos into clarity. That’s exactly the momentum we’re seeing with CyberPass at RSA.
RSA Conference 2025: Key Takeaways
RSA 2025 was a melting pot of insights, and here are the top trends shaping the future of cybersecurity for connected products:
- Compliance is top of mind. From OEMs to service providers, everyone is talking about cybersecurity mandates.
- Complexity is real — but so is the drive to overcome it. There’s a growing sense of urgency and collaboration to streamline compliance.
- CyberPass is gaining serious traction. Industry leaders are paying attention to automated platforms that simplify assessments and documentation.
- We’re bringing the momentum home. Our team is heading back to Paris with fresh insights and new opportunities to help our clients move faster and smarter.
Why You Should Care
If your business touches connected devices in any way — from design to delivery — the regulatory bar is rising:
- New rules under the RED Directive, EN 18031, and the Cyber Resilience Act (CRA) are already impacting timelines and product strategies.
- Your competitors are acting now to stay compliant — and to turn that compliance into a market advantage.
- Delays in adapting can mean product hold-ups, financial penalties, or even market exclusion.
In short: compliance is no longer just about risk — it's about relevance.
What You Can Do Today
Whether you’re just starting your cybersecurity compliance journey or looking to refine it, here are some practical steps to take now:
- Audit your connected products against cybersecurity requirements.
- Prioritize alignment with key EU regulations like the RED Directive and EN 18031.
- Leverage platforms like CyberPass to streamline assessments, documentation, and reporting.
- Engage with experts early — it’s much easier (and cheaper) to prevent issues than to fix them later.
Key Regulations to Watch
Here’s a quick breakdown of the standards and regulations shaping the compliance landscape:
- RED Directive (Radio Equipment Directive)
Sets baseline cybersecurity requirements for connected devices in the EU. - EN 18031
A new harmonized standard aligning with the RED Directive — critical for simplifying technical assessments. - Cyber Resilience Act (CRA)
Introduces broad product security rules with mandatory vulnerability handling and post-market surveillance.
- NIS2 Directive
Expands security obligations across critical sectors — cybersecurity is no longer just an IT concern.
Final Thought: Security as a Business Enabler
Cybersecurity doesn't have to be a blocker. Done right, it becomes a competitive differentiator — speeding up market entry, building customer trust, and unlocking long-term value.
We’ll continue to share updates and insights as the landscape evolves. In the meantime, if your team isn’t already preparing for these changes, now is the time to start.
📩 Have questions? Want to know how CyberPass can support your product security journey? Contact our team.
♻️ Share this article with your compliance, product, and engineering teams — because cybersecurity is a team sport.