Skip to main content

Who am I?

Piet De Vaere

Piet De Vaere

Product Cybersecurity Consultant

I am an electrical engineer, computer scientist, and consultant specializing in product cybersecurity compliance. My focus areas include the EU Cyber Resilience Act (CRA), the EU Radio Equipment Directive (RED DA), and the UK Product Security and Telecommunications Infrastructure (PSTI) Act. I regularly apply standards such as EN 303 645 and IEC 62443 to support compliance projects.

To advance both my work and the wider industry, I participate in the following standardization committees:

  • CEN-CLC / JTC 13 / WG 9 (“the CRA working group”)
  • CLC / TC 65X / WG 3 (“the IEC 62443 working group”)
  • ETSI TC CYBER (with focus on consumer IoT devices)

What do I do? #

I help you ensure that your products are compliant with cybersecurity requirements such as the CRA or the RED DA. To accomplish this, I combine industry experience, active involvement in standardization, and insights from my PhD. Further, I always place a strong emphasis on understanding the specific needs and challenges of each client. This enables me to design tailored yet pragmatic solutions that maximize benefits while avoiding work that does not bring value. My background in electrical engineering and computer science facilitates effective communication with both software and hardware teams, allowing me to bridge the gap between C-level executives, management, architects, and engineers.

My services are centered around the following pillars:

  • Supporting decision-makers in understanding the cybersecurity compliance requirements applicable to their products. This includes clarifying relevant legal obligations, interpreting technical data, and facilitating risk-based business decisions.

  • Assisting technical teams with all aspects of product cybersecurity. This includes (i) evaluating the current state of their products, (ii) ensuring they comprehend the requirements those products must meet, and (iii) guiding them through the implementation of security features and processes.

  • Architecting secure products and development processes based on the requirements and goals set out by company leadership.

Public talks #

Below you’ll find a selection of my recent and upcoming talks. I love giving talks, and if you would like to me speak at your event, please get in touch!

  • 8 October 2025, ETSI Security Conference 🇫🇷, Zero trust for every device: rethinking network security in the industrial IoT
  • 12 September 2025, Comply.Land 🇲🇹, Pathways to compliance
  • 10 August 2025, WHY2025 🇳🇱, Who Gave the Toaster Root Access to the Physical World?
  • 9 August 2025, WHY2025 🇳🇱, The EU Just Made Product Security Mandatory — Now What?
  • 19 June 2025, Cyberstand Anual Impact Event 🇧🇪, Panel: The CRA and challenges for SMEs
  • 17 October 2024, VSE Symposium on Energy Data and Information Security 🇨🇭, OT Networks: We have to talk…
  • 9 August 2023, Usenix Security Composium 🇺🇸, Hey Kimya, Is My Smart Speaker Spying on Me? Taking Control of Sensor Privacy Through Isolation and Amnesia
  • 31 May 2022, ACM AsiaCCS 🇯🇵, Hopper: Per-Device Nano Segmentation for the Industrial IoT
  • 24 March 2022, IETF113 🇦🇹, Tableau: Future-Proof Zoning for OT Networks
  • 29 September 2021, CRITIS 🇨🇭, Tableau: Future-Proof Zoning for OT Networks
  • 7 November 2019, IEEE MASS 🇺🇸, Liam: An Architectural Framework for Decentralized IoT Networks
  • 2 November 2018, ACM IMC 🇺🇸, Three Bits Suffice: Explicit Support for Passive Measurement of Internet Latency in QUIC and TCP
  • 15 July 2017, IRTF ANRW 🇨🇿, Tracking transport-layer evolution with PATHspider
  • 7 August 2016, Electromagnetic Field 🇬🇧, Zebro: building a six legged robot
  • 5 August 2016, Electromagnetic Field 🇬🇧, From transistor to processor