Navigating the Regulatory Maze: Technical Approaches to Cross-Framework Compliance

Learn how to build resilience into your cybersecurity strategy, mitigate risks proactively, and streamline compliance across multiple regulatory frameworks.

As cybersecurity regulations continue to evolve, many manufacturers face the challenge of implementing robust technical solutions that satisfy multiple compliance requirements simultaneously. So just how can organizations efficiently address overlapping technical controls while building sustainable security practices?

Join Larry Pesce, VP of Services at Finite State, for an in-depth discussion exploring the technical foundations of today's major cybersecurity regulations. Drawing from extensive experience in device security assessment and compliance validation, Larry will break down the common technical requirements across key frameworks and demonstrate practical approaches to achieving comprehensive compliance.

This webinar covers:

• Deep dive into the technical controls required by major regulations, including EU CRA, US Cyber Trust Mark, FDA 524B, and more

• Analysis of overlapping technical requirements and how to implement unified solutions that satisfy multiple frameworks

• Practical strategies for building resilient security practices that adapt to evolving regulatory demands

• Real-world examples of how Finite State's testing and validation services help manufacturers achieve and maintain compliance

Whether you're preparing for upcoming regulations or looking to streamline your existing compliance processes, this session will provide actionable insights for implementing effective technical controls that meet today's complex regulatory requirements.

About our Speaker:

Larry Pesce is VP of Services at Finite State, where he leads product security research and vulnerability assessment initiatives. With over 20 years of experience in penetration testing and security research, Larry specializes in vulnerability management for Healthcare, ICS/OT, and IoT/IIoT embedded devices. He is a principal instructor and course author at the SANS Institute, where he develops and delivers advanced training on vulnerability assessment and management. Larry holds several GIAC certifications, including the Global Industrial Cyber Security Professional (GICSP), GIAC Certified Incident Handler (GCIH), and GIAC Assessing and Auditing Wireless Networks (GAWN). As co-host of Paul's Security Weekly podcast for over two decades, he has been a prominent voice in vulnerability research and security awareness. Larry earned his B.S. in Computer Information Systems from Roger Williams University and continues to contribute to the advancement of product security and vulnerability management practices.