At InCyber Forum 2025, I had the chance to share a perspective that’s shaping the future of product cybersecurity assurance:
Digital trust can’t thrive on outdated compliance foundations.
As connected products flood the market—over 125 billion devices expected by 2030—trust has become the ultimate differentiator. Yet our current approaches to compliance remain fragmented, manual, and increasingly disconnected from the operational realities of the IoT ecosystem.
The Challenge: Compliance Hasn’t Kept Up
The regulatory landscape is evolving rapidly, from the RED Directive (EN 18031) to the Cyber Resilience Act (CRA) and the PSTI Act in the UK. But the processes used by manufacturers, labs, and certification bodies to demonstrate compliance have largely stayed the same.
- Manufacturers face siloed, repetitive requests for documentation.
- Labs must repeatedly evaluate similar products with no structured reuse.
- Certification bodies lack real-time visibility across schemes.
- And post-certification? Most products go unmonitored, even as vulnerabilities emerge.
This is more than a productivity issue. It’s a trust issue.
The CyberPass Solution: A Collaborative, AI-Driven Compliance Platform

What CyberPass Delivers:
- AI-Powered Compliance Assessments
→ Automates mapping of evidence to requirements, reducing manual work by up to 40%. - Cross-Scheme and Cross-Standard Support
→ RED / EN 18031, ETSI EN 303 645, PSTI, CRA, and more—supported in one unified workspace. - Security Assurance Scoring
→ Standardized, interpretable scores to communicate product security levels to stakeholders. - QR-Code-Linked Public Certificates
→ Instantly share digital proof of compliance with buyers, customers, and regulators. - Post-Certification Monitoring
→ Track compliance status, receive vulnerability disclosures, and maintain audit readiness.
By integrating all actors - manufacturers, labs, certifiers, consultants, and scheme owners- CyberPass reduces redundancy, increases speed, and strengthens trust across the board.
The Future: Continuous Compliance, Continuous Trust
The Cyber Resilience Act makes one thing clear: product security is no longer a one-time obligation.
Manufacturers must now ensure security is maintained throughout the lifecycle of the product.
CyberPass enables this with:
- Dashboards for real-time status tracking
- Workspaces for collaborative resolution of non-conformities
- Structured storage of historical evaluations for traceability
- Secure vulnerability reporting workflows
We're not just digitizing the old way—we’re building a smarter, more resilient compliance fabric that works across jurisdictions and sectors.
Why It Matters Now
As I shared in a previous article, security certification today is too slow, too costly, and too isolated to keep up with market needs.
Chris Hughes reinforced this point in his widely shared piece, “GRC is Ripe for a Revolution”—calling for integrated, automated, and continuous governance systems.
CyberPass is that revolution for IoT security compliance.
We’re turning certification from a bottleneck into a strategic advantage—helping organizations go to market faster, respond to regulation faster, and build trust faster.
Join the Compliance Evolution
Whether you're:
- A manufacturer preparing for RED or CRA
- A lab evaluating smart products across clients
- A certification body managing multiple schemes
- Or a consultant offering security assurance services—
CyberPass is built to amplify your impact and simplify your workflows.
Ready to transform your IoT security compliance operations?
Book a demo or learn more at www.cyberpass.com
