Jonny Tyers at IoTSF Webinar: Standards vs Security — A Proactive Compliance Framework

The IoT Security Foundation has invited Jonny Tyers to present at their March 2026 monthly webinar. The session explores a tension that runs through most compliance programmes: standards tell you what to achieve, but they rarely tell you how to actually get there — and following them to the letter doesn't guarantee you're building something secure.

---

About the session

The talk is titled Standards vs Security: A Proactive Compliance Framework. It's aimed at security leads, product managers and compliance teams working on connected devices, particularly those navigating the EU Cyber Resilience Act and UK PSTI alongside broader security engineering responsibilities.

The session is part of IoTSF's March 2026 webinar, which also covers autonomous compliance approaches for EU CRA and UK PSTI via embedded microservices.

What the talk covers

Jonny's argument is that compliance and security are not the same thing, and treating them as interchangeable is where a lot of organisations go wrong. A product can pass a conformity assessment and still be genuinely insecure. The session covers what a proactive compliance framework looks like in practice — one that starts with understanding real threats rather than working backwards from a standard's requirements.

The framework draws on Threatplane's experience helping IoT manufacturers and software teams apply threat modelling early in product development, using security evidence to satisfy compliance obligations rather than generating compliance documents that don't reflect how the product actually works.

About IoTSF

The IoT Security Foundation is a non-profit working to raise security standards across the IoT industry through research, education and community programmes. Their monthly webinar series is free and open to the public.