{"id":3567,"date":"2026-04-21T13:07:59","date_gmt":"2026-04-21T13:07:59","guid":{"rendered":"https:\/\/www.carmasec.com\/services\/information-security-and-compliance\/cyber-resilience-act\/"},"modified":"2026-05-29T15:30:07","modified_gmt":"2026-05-29T15:30:07","slug":"cyber-resilience-act","status":"publish","type":"page","link":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/","title":{"rendered":"Cyber Resilience Act"},"content":{"rendered":"\n<section id=\"m-hero__container-block_dd66a5b02ba4225e9a2e1f05367bccda\" class=\"m-hero__container  u-color-white u-relative\"><figure class=\"u-absolute u-pos--top u-pos--left u-full--width u-full--height\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero-1920x700.jpg\" width=\"1920\" height=\"700\" srcset=\"\" sizes=\"(max-width: 1920px) 100vw, 1920px\" alt=\"Blauer Hintergrund\" class=\"u-image--cover\"  \/>\n        <\/figure><div class=\"o-container u-relative u-index--1 u-pt-x20 u-pb-x20 u-pt-x40@md u-pb-x40@md\">\n        <div class=\"o-grid\">\n            <div class=\"o-grid__col u-6\/12@md u-mt-x6 u-mt-x0@sm\" data-aos=\"fade\">\n                <h1>Sustainable CRA Measures for Enhanced Product Security and Competitiveness<\/h1>\n<p>The CRA sets specific requirements for manufacturers, importers, and distributors of digital products. With carmasec, you understand your obligations, receive a reliable roadmap, and implement the requirements on schedule.<\/p>\n<p>&nbsp;<\/p>\n<p><a class=\"c-btn c-btn__primary u-mt-x3\" href=\"#leistungen\">Our Services<\/a> <a class=\"c-btn c-btn--white u-mt-x3\" href=\"https:\/\/www.carmasec.com\/en\/contact\/\">Get a consultation now<\/a><\/p>\n\n            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-tiles__container-block_e02e529bd3a60a17f2d1231e5e1384b3\" class=\"m-tiles__container u-pt-x0 u-pb-x8 u-pt-x0@md u-pb-x20@md u-bgcolor-secondary u-overlap u-mt--x20@md\">\n    <div class=\"o-container\">\n        <div class=\"o-grid o-grid--center u-text-center\">\n                <div class=\"o-grid__col u-mb-x4 u-6\/12@sm u-3\/12@md\" data-aos=\"none\">\n                \n                    <figure class=\"c-card u-relative u-block u-full--height c-card--gradient u-p-x4 u-p-x8@md\">\n                        <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/icon-checkliste.svg\" width=\"64\" height=\"64\" srcset=\"\" sizes=\"(max-width: 480px) 100vw, 480px\" alt=\"Checklisten-Icon\" class=\"u-image__icon u-mb-x5\"  \/>\n                        <figcaption class=\"u-relative\"><h5>Key Facts<\/h5>\n<p>The CRA applies to hardware, software, and networked systems with digital elements. Initial reporting obligations for actively exploited vulnerabilities take effect from September 2026. <strong>From December 2027<\/strong>, only compliant products may be placed on the EU market. Violations may result in fines of up to <strong>15 million euros or 2.5 percent<\/strong> of global annual revenue, as well as sales bans.  <\/p>\n<\/figcaption>\n                    <\/figure>\n                    \n                <\/div>\n                <div class=\"o-grid__col u-mb-x4 u-6\/12@sm u-3\/12@md\" data-aos=\"none\">\n                \n                    <figure class=\"c-card u-relative u-block u-full--height c-card--gradient u-p-x4 u-p-x8@md\">\n                        <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/icon-integration-puzzle.svg\" width=\"64\" height=\"64\" srcset=\"\" sizes=\"(max-width: 480px) 100vw, 480px\" alt=\"Puzzle-mit-Haken-Icon\" class=\"u-image__icon u-mb-x5\"  \/>\n                        <figcaption class=\"u-relative\"><h5>Complex Requirements<\/h5>\n<p>The CRA requires Security by Design, comprehensive vulnerability management, regular security updates for at least five years, a complete SBOM, and a conformity assessment with CE marking. The requirements affect development, product management, and executive management equally. <\/p>\n<\/figcaption>\n                    <\/figure>\n                    \n                <\/div>\n                <div class=\"o-grid__col u-mb-x4 u-6\/12@sm u-3\/12@md\" data-aos=\"none\">\n                \n                    <figure class=\"c-card u-relative u-block u-full--height c-card--gradient u-p-x4 u-p-x8@md\">\n                        <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/icon-security-defense-1.svg\" width=\"64\" height=\"64\" srcset=\"\" sizes=\"(max-width: 480px) 100vw, 480px\" alt=\"Schutzschild mit Kreispfeilen-Icon\" class=\"u-image__icon u-mb-x5\"  \/>\n                        <figcaption class=\"u-relative\"><h5>Known Challenges<\/h5>\n<p>Many organizations have previously focused on functional safety. Responsibilities for cybersecurity are often unclear. Legacy products can only be retrofitted with considerable effort. And the regulation itself is complex, while binding standards are still pending.   <\/p>\n<\/figcaption>\n                    <\/figure>\n                    \n                <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-text__container-block_1243c5ebedd6f67a2b4e9f5a6636874c\" class=\"m-text__container u-pt-x8 u-pb-x8 u-pt-x20@md u-pb-x20@md\"><div class=\"o-container u-relative\">\n        <div class=\"o-grid\">\n                <article class=\"o-grid__col u-10\/12@md\" data-aos=\"none\">\n                    <p class=\"u-color-primary h4\" style=\"text-align: left;\">cra. done. right.<\/p>\n<h2 style=\"text-align: left;\">Your Partner for the Cyber Resilience Act<\/h2>\n<p style=\"text-align: left;\">We bring experience from complex compliance projects. We analyze which of your products fall under the CRA and implement the requirements in a structured manner. Every measure is tailored to your context. The result: complete, auditable CRA compliance that secures the EU market.   <\/p>\n\n                <\/article>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-headline__container-block_8605293a208d44826a31e9e1d20d3c94\" class=\"m-headline__container u-pt-x8 u-pb-x0 u-pt-x20@md u-pb-x0@md u-bgcolor-gray-blue\">\n    <div class=\"o-container\">\n        <div class=\"o-grid\">\n            <div class=\"o-grid__col u-8\/12@md\" data-aos=\"none\"><h2>Getting Started with CRA Compliance<\/h2><u-uppercase> Tailored to your specific needs.<\/u-uppercase><\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-pricing__container-block_30aeb04445f485e0f267ea59b2b692f2\" class=\"m-pricing__container u-pt-x8 u-pb-x8 u-pt-x20@md u-pb-x20@md u-bgcolor-gray-blue\">\n    <div class=\"o-container\">\n        <div class=\"o-grid o-grid--middle o-grid--center\">\n                <div class=\"o-grid__col u-jc-center u-relative u-mv-x5 u-mv-x10@sm u-4\/12@md\" data-aos=\"none\">\n                    <article class=\"m-pricing c-card--border-small u-bgcolor-white u-relative c-card u-flex u-fd-col u-full--width u-text-center u-p-x3 u-p-x8@sm\"><div class=\"u-relative\"><h4>Starter<\/h4>\n<p><strong>Determining Impact<\/strong><\/p>\n<p>You\u2019ll quickly know which of your products fall under the CRA and exactly what is required of you.<\/p>\n<ul class=\"c-list__checkmark\">\n<li>Impact analysis of your products<\/li>\n<li>Classification into CRA product categories<\/li>\n<li>Initial assessment of the need for action<\/li>\n<li>Summary for management<\/li>\n<\/ul>\n<p class=\"h3\">start 1.500 \u20ac*<\/p>\n<p class=\"o-type-small\">depending on the number of products<\/p>\n<p><a class=\"c-btn c-btn__secondary u-mt-x3\" href=\"#form\">Schedule a strategy call<\/a><\/p>\n<\/div>\n                    <\/article>\n                <\/div>\n                <div class=\"o-grid__col u-jc-center u-relative m-pricing--ribbon u-mv-x5 u-mv-x10@sm u-4\/12@md\" data-aos=\"none\">\n                    <article class=\"m-pricing m-pricing--highlight u-color-white u-bgcolor-secondary u-pv-x12@sm u-relative c-card u-flex u-fd-col u-full--width u-text-center u-p-x3 u-p-x8@sm\"><div class=\"u-relative\"><h4>Professional<\/h4>\n<p><strong>Clarity and Roadmap<\/strong><\/p>\n<p>You know you&#8217;re affected. We analyze the current situation, identify the gaps, and provide a prioritized roadmap with concrete next steps.<\/p>\n<ul>\n<li>Everything from the Starter<\/li>\n<li>Document Toolbox<\/li>\n<li>Gap assessment against all CRA requirements<\/li>\n<li>Prioritized action roadmap<\/li>\n<li>Concrete next steps based on proven blueprints<\/li>\n<\/ul>\n<p class=\"h3\">start 9.000 \u20ac*<\/p>\n<p><a class=\"c-btn c-btn__secondary u-mt-x3\" href=\"#form\">Schedule a strategy call<\/a><\/p>\n<p>&nbsp;<\/p>\n<p class=\"o-type-small\">\n<\/div>\n                    <\/article>\n                <\/div>\n                <div class=\"o-grid__col u-jc-center u-relative u-mv-x5 u-mv-x10@sm u-4\/12@md\" data-aos=\"none\">\n                    <article class=\"m-pricing c-card--border-small u-bgcolor-white u-relative c-card u-flex u-fd-col u-full--width u-text-center u-p-x3 u-p-x8@sm\"><div class=\"u-relative\"><h4>Managed<\/h4>\n<p><strong>Full implementation<\/strong><\/p>\n<p>Ongoing support as a trusted advisor for your CRA compliance.<\/p>\n<ul>\n<li>Defined monthly hour allocation<\/li>\n<li>Regular scheduled meetings<\/li>\n<li>Review of actions and documentation<\/li>\n<li>Consultation on CRA<\/li>\n<li>Support with action planning<\/li>\n<\/ul>\n<p class=\"h3\">start 3.500 \u20ac*<\/p>\n<p class=\"o-type-small\">per month, depending on scope<\/p>\n<p><a class=\"c-btn c-btn__secondary u-mt-x3\" href=\"#form\">Request a retainer<\/a><\/p>\n<p class=\"o-type-small\">We\u2019ll put together a customized package for you.<\/p>\n<p>&nbsp;<\/p>\n<\/div>\n                    <\/article>\n                <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-text__container-block_69946ce6f86d15624ccb3f62686f812d\" class=\"m-text__container u-pt-x8 u-pb-x0 u-pt-x20@md u-pb-x0@md\"><div class=\"o-container u-relative\">\n        <div class=\"o-grid\">\n                <article class=\"o-grid__col\" data-aos=\"none\">\n                    <h3 style=\"text-align: left;\">From Day One<\/h3>\n<p style=\"text-align: left;\">With carmasec, you have an experienced partner for the entire Cyber Resilience implementation. From initial assessment to auditable compliance. You quickly understand which of your products are affected, what is specifically required, and which steps are next.  <\/p>\n\n                <\/article>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-quote__container-block_ff4adab6c83ea7b1a75b4c3b24f02ec6\" class=\"m-quote__container u-pt-x8 u-pb-x8 u-pt-x20@md u-pb-x20@md\">\n    <div class=\"o-container u-relative u-ph-x0\"><div class=\"m-slider__quote m-slider__quote--image\">\n                <div class=\"m-slider__quoteInner u-ph-x6 u-ph-x0@md\">\n                    <div class=\"o-grid o-grid--center o-grid--middle\">\n                        <div class=\"o-grid__col u-5\/12@sm u-3\/12@md u-text-center u-text-left@sm u-mb-x6 u-mb-x0@sm\">\n                        <\/div>\n                        <article class=\"o-grid__col u-5\/12@sm u-push-1\/12@md u-text-center u-text-left@sm\"><blockquote class=\"h4 u-weight-regular\">The Cyber Resilience Act fundamentally changes the way cybersecurity is approached in products. The implication is clear: No CRA compliance means no CE marking. And no CE marking means no market access in the EU.<\/blockquote><p class=\"o-type-small\"><strong>Holger K\u00fchlwetter<\/strong>, Senior Security Consultant<\/p><a href=\"#form\" class=\"c-btn c-btn__secondary u-mt-x4\" target=\"_self\">Contact Expert<\/a><\/article>\n                    <\/div>\n                <\/div><\/div>\n    <\/div>\n<\/section>\n\n\n<section\n    id=\"m-media-text__container-block_b98c833fbc6bbbb39f0b98f9d3a1bd0e\"    class=\"u-relative m-media-text__container u-pt-x8 u-pb-x8 u-pt-x20@md u-pb-x16@md u-color-white\"\n>\n    <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero-1024x570.jpg\" width=\"1024\" height=\"570\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero-1024x570.jpg 1024w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero-300x167.jpg 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero-768x427.jpg 768w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero-1536x854.jpg 1536w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/background-image-hero.jpg 1920w\" sizes=\"(max-width: 1380px) 100vw, 1380px\" alt=\"Blauer Hintergrund\" class=\"u-absolute u-pos--top u-pos--left u-full--width u-full--height\"  \/>\n    <div class=\"o-container u-relative\">\n        \n                    <div class=\"o-grid o-grid--center o-grid--middle\">\n                <figure class=\"m-media-text__image o-grid__col u-6\/12@sm u-5\/12@md u-text-center u-mb-x6 u-mb-x0@sm\" data-aos=\"fade\">\n                    <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Bild_Download-1.jpg\" width=\"1366\" height=\"768\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Bild_Download-1.jpg 1366w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Bild_Download-1-300x169.jpg 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Bild_Download-1-1024x576.jpg 1024w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Bild_Download-1-768x432.jpg 768w\" sizes=\"(max-width: 640px) 100vw, 640px\" alt=\"Whitepaper-Cover \u201eCyber Resilience Act kommt. Sind deine Produkte bereit?\" von carmasec Leitfaden f\u00fcr Hersteller digitaler Produkte zur CRA-Konformit\u00e4t, mit Inhalts\u00fcbersicht und Einf\u00fchrungsseite.\" class=\" u-image--rounded-large\"  \/>                <\/figure>\n\n                <article class=\"m-media-text__content o-grid__col u-6\/12@sm u-6\/12@md u-push-1\/12@md\" data-aos=\"fade\">\n                    <h3>CRA at a Glance<\/h3>\n<p>The Cyber Resilience Act requires manufacturers, importers, and distributors of digital products to demonstrate security throughout the entire product lifecycle. The requirements apply starting from the initial development phase and include security by design, vulnerability management, reporting obligations, SBOM documentation, security updates for at least five years, and a conformity assessment with CE marking.<\/p>\n<p>You can find all the details on <b>requirements, deadlines, and common implementation mistakes<\/b> in our free white paper (in german).<\/p>\n<p><a class=\"c-btn c-btn--white u-mt-x3\" href=\"https:\/\/www.carmasec.com\/de\/security-knowledge\/cyber-resilience-act-grundlagen-anforderungen\/\">Download<\/a><\/p>\n                <\/article>\n            <\/div>\n\n        \n            <\/div>\n<\/section>\n\n\n<section\n    id=\"m-media-text__container-block_5e3781db6b9564d72b7c6955caf5ca6d\"    class=\"u-relative m-media-text__container u-pt-x8 u-pb-x0 u-pt-x20@md u-pb-x0@md\"\n>\n    \n    <div class=\"o-container u-relative\">\n        \n                    <div class=\"o-grid o-grid--center\">\n                <figure class=\"m-media-text__image o-grid__col u-6\/12@sm u-5\/12@md u-text-center u-mb-x6 u-mb-x0@sm\" data-aos=\"none\">\n                    <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Whitpaper.jpg\" width=\"1000\" height=\"750\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Whitpaper.jpg 1000w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Whitpaper-300x225.jpg 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/CRA_Whitpaper-768x576.jpg 768w\" sizes=\"(max-width: 640px) 100vw, 640px\" alt=\"Illustration zum Cyber Resilience Act der EU mit CE-Kennzeichnung auf einem Computerchip\" class=\" u-image--rounded-large\"  \/>                <\/figure>\n\n                <article class=\"m-media-text__content o-grid__col u-6\/12@sm u-6\/12@md u-push-1\/12@md\" data-aos=\"none\">\n                    <h3>Only an analysis can reveal the true extent of the gap<\/h3>\n<p>Many companies believe their products already largely meet cyber resilience requirements. Gap analyses consistently paint a different picture, as the gap between perceived and actual compliance is often wider than expected.<\/p>\n<p>&nbsp;<\/p>\n<p><a class=\"c-btn c-btn__secondary u-mt-x3\" href=\"https:\/\/www.carmasec.com\/en\/security-knowledge\/case-study-cra-compcomplaince-sichere-produktentwicklung\/\">Read the case study<\/a><\/p>\n                <\/article>\n            <\/div>\n\n        \n            <\/div>\n<\/section>\n\n\n<section id=\"services\" data-anchor-title=\"Services\" class=\"m-tiles__container u-pt-x8 u-pb-x8 u-pt-x20@md u-pb-x20@md\">\n    <div class=\"o-container\">\n        <div class=\"o-grid\">\n                <div class=\"o-grid__col u-mb-x4 u-6\/12@sm u-4\/12@md\" data-aos=\"slide-left\">\n                \n                    <figure class=\"c-card u-relative u-block u-full--height u-bgcolor-gray-blue u-p-x4 u-p-x8@md\">\n                        <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/icon-checkmark.svg\" width=\"66\" height=\"66\" srcset=\"\" sizes=\"(max-width: 480px) 100vw, 480px\" alt=\"H\u00e4kchen-Icon\" class=\"u-image__icon u-mb-x5\"  \/>\n                        <figcaption class=\"u-relative\"><p>We support organizations from initial assessment to auditable compliance. Every measure is aligned with the products and processes. <\/p>\n<\/figcaption>\n                    <\/figure>\n                    \n                <\/div>\n                <div class=\"o-grid__col u-mb-x4 u-6\/12@sm u-4\/12@md\" data-aos=\"slide-left\">\n                \n                    <figure class=\"c-card u-relative u-block u-full--height u-bgcolor-gray-blue u-p-x4 u-p-x8@md\">\n                        <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/icon-checkmark.svg\" width=\"66\" height=\"66\" srcset=\"\" sizes=\"(max-width: 480px) 100vw, 480px\" alt=\"H\u00e4kchen-Icon\" class=\"u-image__icon u-mb-x5\"  \/>\n                        <figcaption class=\"u-relative\"><p>Our experience ranges from mid-sized manufacturers to internationally operating companies with complex product portfolios.<\/p>\n<\/figcaption>\n                    <\/figure>\n                    \n                <\/div>\n                <div class=\"o-grid__col u-mb-x4 u-6\/12@sm u-4\/12@md\" data-aos=\"slide-left\">\n                \n                    <figure class=\"c-card u-relative u-block u-full--height u-bgcolor-gray-blue u-p-x4 u-p-x8@md\">\n                        <img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/icon-checkmark.svg\" width=\"66\" height=\"66\" srcset=\"\" sizes=\"(max-width: 480px) 100vw, 480px\" alt=\"H\u00e4kchen-Icon\" class=\"u-image__icon u-mb-x5\"  \/>\n                        <figcaption class=\"u-relative\"><p>We combine governance, technical analysis, and operational implementation in one team to eliminate friction losses.<\/p>\n<\/figcaption>\n                    <\/figure>\n                    \n                <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-headline__container-block_cd9142384d958cefc775e7b4574f56f1\" class=\"m-headline__container u-pt-x8 u-pb-x0 u-pt-x20@md u-pb-x0@md u-bgcolor-gray-blue\">\n    <div class=\"o-container\">\n        <div class=\"o-grid\">\n            <div class=\"o-grid__col\" data-aos=\"flip-right\"><h4>FAQ<\/h4><h3>Do you have questions about the Cyber Resilience Act? Here are our answers <\/h3><\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-accordion__container-block_aeeecf47ff41e254cdade99da87018c7\" class=\"m-accordion__container u-pt-x4 u-pb-x8 u-pt-x12@md u-pb-x20@md u-bgcolor-gray-blue\">\n    <div class=\"o-container\">\n        <div class=\"o-grid\">\n            <div class=\"o-grid__col u-12\/12@md\">\n                <div class=\"m-accordion\" itemscope itemtype=\"https:\/\/schema.org\/FAQPage\">\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     Am I affected by the CRA?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>The CRA applies to all products with digital elements that are manufactured, imported, or sold in the EU. This includes hardware with embedded software, software products, and networked systems. Exceptions include medical devices and vehicles, which are subject to their own regulations.  <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     What does Security by Design mean?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>Security is planned from the first development phase. This includes systematic risk analysis, threat models, and traceable documentation of all security-relevant decisions. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     What does the CRA require for conformity assessment?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>Products must undergo a conformity assessment before being placed on the EU market. CE marking is a prerequisite for market access. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     How does the CRA differ from NIS-2?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>NIS-2 regulates operators of essential and critical infrastructure. The CRA regulates products with digital elements and is directed at manufacturers, importers, and distributors. Both regulations may apply simultaneously.  <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     How comprehensive is the CRA Starter Package and where does it end?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>CRA Starter clarifies impact, risk classes, and initial action requirements. Structured implementation begins with CRA Professional. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     What distinguishes your gap assessment from a traditional gap analysis?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>We deliver prioritized measures that are immediately actionable. The assessment is based on your specific products and processes. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     Which areas and roles are involved?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>Development, product management, legal, and executive management.<\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     How can the results be integrated into existing governance structures?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>We align the measures with existing structures. Organizations that already operate an ISMS can build CRA requirements directly on it. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     What is the added value compared to an internal analysis?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>We bring experience from numerous CRA projects. You receive a reliable assessment that surpasses internally developed analyses in depth and practical relevance. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     Who bears legal responsibility?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>Manufacturers bear primary responsibility. Importers and distributors are liable if they fail to ensure compliant products. Executive management is personally responsible for compliance with reporting obligations.  <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                         <div class=\"m-accordion__item u-bgcolor-white u-mb-x2\" itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" data-aos=\"none\">\n                             <div class=\"m-accordion__header u-relative u-pv-x2 u-pv-x4@sm u-ph-x3 u-ph-x6@sm\">\n                                 <p class=\"h6 u-mb-x0\" itemprop=\"name\">\n                                     What happens after CRA Starter or Professional?\n                                 <\/p>\n                             <\/div>\n                             <div class=\"m-accordion__body u-relative u-index--1\" itemscope itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\">\n                                 <div class=\"u-ph-x3 u-ph-x6@sm u-pb-x2\" itemprop=\"text\"><p>You decide whether to manage implementation internally or entrust it to experienced hands with CRA Enterprise. We support both paths. <\/p>\n<\/div>\n                             <\/div>\n                         <\/div>\n                 <\/div>\n            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-headline__container-block_b1a3bf44b924f24360e53ade0f4f0b1c\" class=\"m-headline__container u-pt-x8 u-pb-x0 u-pt-x20@md u-pb-x0@md\">\n    <div class=\"o-container\">\n        <div class=\"o-grid o-grid--center u-text-center\">\n            <div class=\"o-grid__col u-10\/12@md\" data-aos=\"none\"><h2>Whether start-up, mid-sized company, or corporation: We find the right solution<\/h2><\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-slider__container-block_a01ee90af7433718936a885d16e0da8d\" class=\"m-slider__container u-pt-x0 u-pb-x8 u-pt-x4@md u-pb-x16@md\"><div class=\"m-slider\" data-number=\"7\" data-rows=\"1\" data-autoslide=\"1\" data-indent=\"1\" data-arrows=\"true\"><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-barmenia.svg\" width=\"81\" height=\"52\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Barmenia\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-bruker.png\" width=\"113\" height=\"60\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Bruker\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-deutsche-bahn.svg\" width=\"74\" height=\"52\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Deutsche Bahn\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-fashionette.svg\" width=\"156\" height=\"25\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Fashionette\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-raisinbank.svg\" width=\"155\" height=\"36\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Raisin Bank\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-vorwerk.svg\" width=\"135\" height=\"52\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Vorwerk\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-eligo-300x208.png\" width=\"300\" height=\"208\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-eligo-300x208.png 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-eligo-1024x712.png 1024w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-eligo-768x534.png 768w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-eligo-1536x1067.png 1536w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-eligo-2048x1423.png 2048w\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von eligo\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-barmenia-1.svg\" width=\"81\" height=\"52\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Barmenia\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-bruker-1.png\" width=\"113\" height=\"60\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Bruker\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-deutsche-bahn-1.svg\" width=\"74\" height=\"52\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Deutsche Bahn\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-fashionette-1.svg\" width=\"156\" height=\"25\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Fashionette AG\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-raisinbank-1.svg\" width=\"155\" height=\"36\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Raisin Bank AG\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-vorwerk-1.svg\" width=\"135\" height=\"52\" srcset=\"\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Vorwerk\" class=\"\"  \/><\/figure><figure class=\"u-flex u-ai-center u-jc-center u-relative u-p-x6 u-image__logo\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-300x87.png\" width=\"300\" height=\"87\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-300x87.png 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-1024x295.png 1024w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-768x222.png 768w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-1536x443.png 1536w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-2048x591.png 2048w\" sizes=\"(max-width: 400px) 100vw, 400px\" alt=\"Logo von Tyntec\" class=\"\"  \/><\/figure>\n\t    <\/div><div class=\"carousel__arrows\"><\/div>\n<\/section>\n\n\n<section id=\"m-headline__container-block_02950dc1fd9505eb88fdad160a48ebb7\" class=\"m-headline__container u-pt-x8 u-pb-x0 u-pt-x20@md u-pb-x0@md\">\n    <div class=\"o-container\">\n        <div class=\"o-grid o-grid--center u-text-center\">\n            <div class=\"o-grid__col u-12\/12@md\" data-aos=\"none\"><h4>Trust is built through results<\/h4><\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"m-quote__container-block_755824b1d368b3c58174e6994cd29b16\" class=\"m-quote__container u-pt-x8 u-pb-x16 u-pt-x20@md u-pb-x40@md\">\n    <div class=\"o-container u-relative u-ph-x0\"><div class=\"m-slider__quote m-slider__quote--logo\">\n                <div class=\"m-slider__quoteInner u-ph-x6 u-ph-x0@md\">\n                    <div class=\"o-grid o-grid--center o-grid--middle\">\n                        <div class=\"o-grid__col u-5\/12@sm u-3\/12@md u-text-center u-text-left@sm u-mb-x6 u-mb-x0@sm\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-DKV.svg\" width=\"1770\" height=\"1229\" srcset=\"\" sizes=\"(max-width: 640px) 100vw, 640px\" alt=\"Logo von DKV\" class=\"u-full--width\"  \/>\n                        <\/div>\n                        <article class=\"o-grid__col u-5\/12@sm u-push-1\/12@md u-text-center u-text-left@sm\"><blockquote class=\"h4 u-weight-regular\">\u201cWith carmasec\u2019s support, we have defined KPIs and achieved a higher level of transparency and acceptance.\u201d<\/blockquote><p class=\"o-type-small\"><strong>DKV Mobility Services<\/strong><\/p><\/article>\n                    <\/div>\n                <\/div>\n                <div class=\"m-slider__quoteInner u-ph-x6 u-ph-x0@md\">\n                    <div class=\"o-grid o-grid--center o-grid--middle\">\n                        <div class=\"o-grid__col u-5\/12@sm u-3\/12@md u-text-center u-text-left@sm u-mb-x6 u-mb-x0@sm\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-bruker.png\" width=\"113\" height=\"60\" srcset=\"\" sizes=\"(max-width: 640px) 100vw, 640px\" alt=\"Logo von Bruker\" class=\"u-full--width\"  \/>\n                        <\/div>\n                        <article class=\"o-grid__col u-5\/12@sm u-push-1\/12@md u-text-center u-text-left@sm\"><blockquote class=\"h4 u-weight-regular\">\u00bbProfessional, flexible, approachable, and above all: successful. carmasec delivered on its promises.\u00ab<\/blockquote><p class=\"o-type-small\"><strong>Bruker Optics<\/strong><\/p><\/article>\n                    <\/div>\n                <\/div>\n                <div class=\"m-slider__quoteInner u-ph-x6 u-ph-x0@md\">\n                    <div class=\"o-grid o-grid--center o-grid--middle\">\n                        <div class=\"o-grid__col u-5\/12@sm u-3\/12@md u-text-center u-text-left@sm u-mb-x6 u-mb-x0@sm\"><img decoding=\"async\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec.png\" width=\"2360\" height=\"681\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec.png 2360w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-300x87.png 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-1024x295.png 1024w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-768x222.png 768w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-1536x443.png 1536w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/Logo-Tyntec-2048x591.png 2048w\" sizes=\"(max-width: 640px) 100vw, 640px\" alt=\"Logo von Tyntec\" class=\"u-full--width\"  \/>\n                        <\/div>\n                        <article class=\"o-grid__col u-5\/12@sm u-push-1\/12@md u-text-center u-text-left@sm\"><blockquote class=\"h4 u-weight-regular\">\u00bbcarmasec has made a significant contribution to the security of our services. Professional consulting, flawless execution. We wholeheartedly recommend carmasec for infrastructure penetration tests.\u00ab<\/blockquote><p class=\"o-type-small\"><strong>tyntec GmbH<\/strong><\/p><\/article>\n                    <\/div>\n                <\/div><\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"form\" data-anchor-title=\"form\" class=\"m-form-text__container u-pt-x8 u-pb-x8 u-pt-x20@md u-pb-x12@md\">\n    <div class=\"o-container u-relative\">\n        <div class=\"o-grid o-grid--center\">\n            <article class=\"o-grid__col u-6\/12@sm u-4\/12@lg u-mb-x6 u-mb-x0@sm\" data-aos=\"none\">\n                <p class=\"h4\">Contact<\/p>\n<h2>What can we do for you?<\/h2>\n<p>Fill out the form, submit it, done. We will get back to you within 24 hours, unless it&#8217;s a weekend or public holiday. <\/p>\n<div class=\"o-media o-media--res o-media--middle u-mt-x6\">\n<figure class=\"o-media__fixed\"><img decoding=\"async\" class=\"u-image--circle alignleft wp-image-1556 size-thumbnail\" src=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/JSudmeyer-150x150.jpg\" alt=\"Portrait photo of Jan Sudmeyer, Managing Director at carmasec.\" width=\"150\" height=\"150\" srcset=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/JSudmeyer-150x150.jpg 150w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/JSudmeyer-300x300.jpg 300w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/JSudmeyer-768x768.jpg 768w, https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/03\/JSudmeyer.jpg 1024w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/><\/figure>\n<div class=\"o-media__fluid\"><strong>Jan Sudmeyer<\/strong><br \/>\nManaging Director<br \/>\n<a href=\"tel:0049201426385905\" target=\"_blank\" rel=\"noopener\">+49 (0)201 426 385 905<\/a><\/div>\n<div><a href=\"mailto:vertrieb@carmasec.com\">vertrieb@carmasec.com<\/a><\/div>\n<\/div>\n\n            <\/article>\n            <div class=\"o-grid__col u-6\/12@sm u-7\/12@lg u-push-1\/12@lg\" data-aos=\"none\">\n                <div class=\"c-card u-bgcolor-gray-blue u-p-x6 u-p-x12@md\">\n                    <script>hbspt.forms.create({portalId: \"144374369\", formId: \"b0ac14fd-46d0-4e27-a180-14fc11abbcd2\"});<\/script>\n                <\/div>\n            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":4,"featured_media":3457,"parent":3556,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-3567","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.7) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>CRA Implementation: Structured Path to Auditable Compliance | carmasec<\/title>\n<meta name=\"description\" content=\"With carmasec, you will find an experienced partner for CRA implementation. From impact analysis to CE marking. Structured, on schedule, and technology-neutral.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyber Resilience Act\" \/>\n<meta property=\"og:description\" content=\"With carmasec, you will find an experienced partner for CRA implementation. From impact analysis to CE marking. Structured, on schedule, and technology-neutral.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/\" \/>\n<meta property=\"og:site_name\" content=\"carmasec\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-29T15:30:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/carmasec_effekt.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1068\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/\",\"url\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/\",\"name\":\"CRA Implementation: Structured Path to Auditable Compliance | carmasec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.carmasec.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/carmasec_effekt.jpg\",\"datePublished\":\"2026-04-21T13:07:59+00:00\",\"dateModified\":\"2026-05-29T15:30:07+00:00\",\"description\":\"With carmasec, you will find an experienced partner for CRA implementation. From impact analysis to CE marking. Structured, on schedule, and technology-neutral.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.carmasec.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/carmasec_effekt.jpg\",\"contentUrl\":\"https:\\\/\\\/www.carmasec.com\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/carmasec_effekt.jpg\",\"width\":1920,\"height\":1068,\"caption\":\"Pie chart showing the three carmasec service areas Compliance, Offensive, and Defense, embedded in the values Security, Done, and Right, against a blue and orange digital data network background\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Services\",\"item\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Information Security and Compliance\",\"item\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Cyber Resilience Act\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/\",\"name\":\"carmasec\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Organization\",\"Place\"],\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/#organization\",\"name\":\"carmasec GmbH & Co. KG\",\"alternateName\":\"carmasec\",\"url\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/\",\"logo\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#local-main-organization-logo\"},\"image\":{\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#local-main-organization-logo\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/carmasec\\\/\"],\"description\":\"Die carmasec GmbH & Co. KG ist eine auf Cybersicherheit und Cyberresilienz spezialisierte Beratungsunternehmen mit Sitz in Essen. Das Leistungsspektrum verbindet zwei essenzielle Welten: strategische Compliance und dem Schutz vor Cyberangriffen. Mit einem klaren Fokus auf agile Sicherheitsprozesse unterst\u00fctzt carmasec Kunden branchenneutral und herstellerunabh\u00e4ngig. Das interdisziplin\u00e4re Team integriert langj\u00e4hrige Beratungserfahrung mit modernen Arbeitsweisen, um komplexe Anforderungen \u2013 von ISMS und Risikomanagement bis hin zu Cloud Security und Offensive Security \u2013 effizient umzusetzen. Zu den Kunden z\u00e4hlen der gehobene Mittelstand sowie internationale Konzerne, insbesondere aus Finanz- und Versicherungswesen, Fertigungsindustrie, Automotive sowie Kritischen Infrastrukturen. Mit der etablierten Veranstaltungsreihe \u201efriends of carmasec\\\" schafft das Unternehmen eine zentrale Plattform f\u00fcr den Branchen-Dialog und vernetzt regelm\u00e4\u00dfig Entscheidungstr\u00e4ger:innen und Expert:innen aus der Security-Community. carmasec bef\u00e4higt Organisationen, Risiken ganzheitlich zu managen und digitale Infrastrukturen proaktiv zu sch\u00fctzen.\",\"legalName\":\"carmasec GmbH & Co. KG\",\"foundingDate\":\"2018-12-18\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"11\",\"maxValue\":\"50\"},\"telephone\":[],\"openingHoursSpecification\":[{\"@type\":\"OpeningHoursSpecification\",\"dayOfWeek\":[\"Monday\",\"Tuesday\",\"Wednesday\",\"Thursday\",\"Friday\",\"Saturday\",\"Sunday\"],\"opens\":\"09:00\",\"closes\":\"17:00\"}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.carmasec.com\\\/en\\\/services\\\/information-security-and-compliance\\\/cyber-resilience-act\\\/#local-main-organization-logo\",\"url\":\"https:\\\/\\\/www.carmasec.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/logo-carmasec.svg\",\"contentUrl\":\"https:\\\/\\\/www.carmasec.com\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/logo-carmasec.svg\",\"width\":299,\"height\":40,\"caption\":\"carmasec GmbH & Co. KG\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"CRA Implementation: Structured Path to Auditable Compliance | carmasec","description":"With carmasec, you will find an experienced partner for CRA implementation. From impact analysis to CE marking. Structured, on schedule, and technology-neutral.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/","og_locale":"en_US","og_type":"article","og_title":"Cyber Resilience Act","og_description":"With carmasec, you will find an experienced partner for CRA implementation. From impact analysis to CE marking. Structured, on schedule, and technology-neutral.","og_url":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/","og_site_name":"carmasec","article_modified_time":"2026-05-29T15:30:07+00:00","og_image":[{"width":1920,"height":1068,"url":"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/carmasec_effekt.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/","url":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/","name":"CRA Implementation: Structured Path to Auditable Compliance | carmasec","isPartOf":{"@id":"https:\/\/www.carmasec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#primaryimage"},"image":{"@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#primaryimage"},"thumbnailUrl":"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/carmasec_effekt.jpg","datePublished":"2026-04-21T13:07:59+00:00","dateModified":"2026-05-29T15:30:07+00:00","description":"With carmasec, you will find an experienced partner for CRA implementation. From impact analysis to CE marking. Structured, on schedule, and technology-neutral.","breadcrumb":{"@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#primaryimage","url":"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/carmasec_effekt.jpg","contentUrl":"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/04\/carmasec_effekt.jpg","width":1920,"height":1068,"caption":"Pie chart showing the three carmasec service areas Compliance, Offensive, and Defense, embedded in the values Security, Done, and Right, against a blue and orange digital data network background"},{"@type":"BreadcrumbList","@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.carmasec.com\/en\/"},{"@type":"ListItem","position":2,"name":"Services","item":"https:\/\/www.carmasec.com\/en\/services\/"},{"@type":"ListItem","position":3,"name":"Information Security and Compliance","item":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/"},{"@type":"ListItem","position":4,"name":"Cyber Resilience Act"}]},{"@type":"WebSite","@id":"https:\/\/www.carmasec.com\/en\/#website","url":"https:\/\/www.carmasec.com\/en\/","name":"carmasec","description":"","publisher":{"@id":"https:\/\/www.carmasec.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.carmasec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Organization","Place"],"@id":"https:\/\/www.carmasec.com\/en\/#organization","name":"carmasec GmbH & Co. KG","alternateName":"carmasec","url":"https:\/\/www.carmasec.com\/en\/","logo":{"@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#local-main-organization-logo"},"image":{"@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#local-main-organization-logo"},"sameAs":["https:\/\/www.linkedin.com\/company\/carmasec\/"],"description":"Die carmasec GmbH & Co. KG ist eine auf Cybersicherheit und Cyberresilienz spezialisierte Beratungsunternehmen mit Sitz in Essen. Das Leistungsspektrum verbindet zwei essenzielle Welten: strategische Compliance und dem Schutz vor Cyberangriffen. Mit einem klaren Fokus auf agile Sicherheitsprozesse unterst\u00fctzt carmasec Kunden branchenneutral und herstellerunabh\u00e4ngig. Das interdisziplin\u00e4re Team integriert langj\u00e4hrige Beratungserfahrung mit modernen Arbeitsweisen, um komplexe Anforderungen \u2013 von ISMS und Risikomanagement bis hin zu Cloud Security und Offensive Security \u2013 effizient umzusetzen. Zu den Kunden z\u00e4hlen der gehobene Mittelstand sowie internationale Konzerne, insbesondere aus Finanz- und Versicherungswesen, Fertigungsindustrie, Automotive sowie Kritischen Infrastrukturen. Mit der etablierten Veranstaltungsreihe \u201efriends of carmasec\" schafft das Unternehmen eine zentrale Plattform f\u00fcr den Branchen-Dialog und vernetzt regelm\u00e4\u00dfig Entscheidungstr\u00e4ger:innen und Expert:innen aus der Security-Community. carmasec bef\u00e4higt Organisationen, Risiken ganzheitlich zu managen und digitale Infrastrukturen proaktiv zu sch\u00fctzen.","legalName":"carmasec GmbH & Co. KG","foundingDate":"2018-12-18","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"11","maxValue":"50"},"telephone":[],"openingHoursSpecification":[{"@type":"OpeningHoursSpecification","dayOfWeek":["Monday","Tuesday","Wednesday","Thursday","Friday","Saturday","Sunday"],"opens":"09:00","closes":"17:00"}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.carmasec.com\/en\/services\/information-security-and-compliance\/cyber-resilience-act\/#local-main-organization-logo","url":"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-carmasec.svg","contentUrl":"https:\/\/www.carmasec.com\/wp-content\/uploads\/2026\/02\/logo-carmasec.svg","width":299,"height":40,"caption":"carmasec GmbH & Co. KG"}]}},"_links":{"self":[{"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/pages\/3567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/comments?post=3567"}],"version-history":[{"count":4,"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/pages\/3567\/revisions"}],"predecessor-version":[{"id":3636,"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/pages\/3567\/revisions\/3636"}],"up":[{"embeddable":true,"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/pages\/3556"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/media\/3457"}],"wp:attachment":[{"href":"https:\/\/www.carmasec.com\/en\/wp-json\/wp\/v2\/media?parent=3567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}