Alberto Scarpa

AI, Cybersecurity & Compliance for Products and Organizations

Build and Govern
products and solutions
bridging
Artificial Intelligence,
Innovation,
Cybersecurity,
and Regulation

Artificial Intelligence

AI governance, risk, safe adoption (ISO 42001-driven), product safety with AI

Innovation

structured delivery of new capabilities, partner ecosystems, funded projects

Cybersecurity

product cybersecurity, system cybersecurity, CRA Cyber Resilience Act, NIS2, IT/OT cybersecurity, IEC 62443, SBOM & vulnerability management, secure updates

Let's get in touch

Contact me

Book a call

Make AI adoption safe and governable

ISO 42001 implementation, AI risk assessment, policies, supplier controls, safe copilots/RAG usage

Make AI adoption safe and governable

ISO 42001 implementation, AI risk assessment, policies, supplier controls, safe copilots/RAG usage

Secure connected products

Threat modeling
security requirements
vulnerability/SBOM process
evidence for customers and regulators. Security requirements and evidence structured using IEC 62443 principles

Secure connected products

Threat modeling
security requirements
vulnerability/SBOM process
evidence for customers and regulators. Security requirements and evidence structured using IEC 62443 principles

Innovation

From roadmap to delivery: aligning stakeholders, managing risk, building repeatable processes that scale across product lines and teams.

Innovation

From roadmap to delivery: aligning stakeholders, managing risk, building repeatable processes that scale across product lines and teams.

About

Innovation Manager

Kiwa

2026

UNI 11814 Personal certification

Innovation Manager

Kiwa

2026

UNI 11814 Personal certification

ISO 42001 Lead Implementer

PECB

Pending

Certification planned for April 2026

ISO 42001 Lead Implementer

PECB

Pending

Certification planned for April 2026

Product Manager

DAVE

2023-Now

Embedded Solution Company. I'm leading the development of the ToloMEO platform. It mixes together IoT, cybersecurity and AI for embedded systems.

Product Manager

DAVE

2023-Now

Embedded Solution Company. I'm leading the development of the ToloMEO platform. It mixes together IoT, cybersecurity and AI for embedded systems.

Founder and AI and Data Manager

Eyes.guru

2024-Now

Medical Device Startup for eyecare.

Founder and AI and Data Manager

Eyes.guru

2024-Now

Medical Device Startup for eyecare.

Founder and CEO

D-EYE

2015-2023

Medical Device Startup for eyecare. Product certified as medical device in Europe and USA.

Founder and CEO

D-EYE

2015-2023

Medical Device Startup for eyecare. Product certified as medical device in Europe and USA.

Projecrt Mananger

M31

2007-2015

M31 was a startup incubator and venture accelerator. I worked form many internal and external corporates and startups in medical device, industrial and home automation markets.

Projecrt Mananger

M31

2007-2015

M31 was a startup incubator and venture accelerator. I worked form many internal and external corporates and startups in medical device, industrial and home automation markets.

UNINFO Member

UNI/CT 533 AI

UNINFO Member

UNI/CT 533 AI

ETSI Member

TB CYBER

ETSI Member

TB CYBER

ISA Member

My Markets

I work with companies building and scaling digital products in the European market, especially where supply chain pressure and regulation require strong security and governance:

Industrial
& IIoT / OT-adjacent products

Connected machines, industrial gateways, edge devices, remote access, and platforms where IEC 62443 concepts help structure security-by-design.

Medical Devices
& Digital Health

Regulated environments requiring strong lifecycle discipline, evidence, and post-market security practices.

Connected Consumer
& Smart Products

IoT products needing scalable vulnerability handling, secure updates, and CRA-ready processes.

COLLABORATIONS • FUNDED PROJECTS • CALLS

I collaborate as: partner, advisor, or subcontractor on regional/national/EU funded projects.

Product cybersecurity & compliance work packages (requirements → controls → evidence)

AI governance and risk management deliverables (ISO 42001-aligned)

Supplier/security-by-design processes for product organizations

Training and capability building for technical and managerial teams

Audit readiness and documentation packages required by calls

Email me

Skills

Artificial Intelligence

Cybersecurity

Innovation

Product Development

Regulation

ISO 27001

ISO 42001

IEC 62443

ISO 13485

CONTACT

alberto@albertoscarpa.com

/in/albertoscarpa

Google Scholar

scholar/albertoscarpa

Google Scholar

scholar/albertoscarpa

Alberto Scarpa

AI, Cybersecurity & Compliance for Products and Organizations

Build and Governproducts and solutionsbridging Artificial Intelligence,Innovation,Cybersecurity,and Regulation

Let's get in touch

Let's get in touch

Contact me

Contact me

Make AI adoption safe and governable

Make AI adoption safe and governable

ISO 42001 implementation, AI risk assessment, policies, supplier controls, safe copilots/RAG usage

Make AI adoption safe and governable

ISO 42001 implementation, AI risk assessment, policies, supplier controls, safe copilots/RAG usage

Secure connected products

Secure connected products

Threat modelingsecurity requirementsvulnerability/SBOM processevidence for customers and regulators. Security requirements and evidence structured using IEC 62443 principles

Secure connected products

Threat modelingsecurity requirementsvulnerability/SBOM processevidence for customers and regulators. Security requirements and evidence structured using IEC 62443 principles

Innovation

Innovation

From roadmap to delivery: aligning stakeholders, managing risk, building repeatable processes that scale across product lines and teams.

Innovation

From roadmap to delivery: aligning stakeholders, managing risk, building repeatable processes that scale across product lines and teams.

About

Innovation Manager

Innovation Manager

ISO 42001 Lead Implementer

ISO 42001 Lead Implementer

Product Manager

Product Manager

Founder and AI and Data Manager

Founder and AI and Data Manager

Founder and CEO

Founder and CEO

Projecrt Mananger

Projecrt Mananger

My Markets

Industrial & IIoT / OT-adjacent products

Industrial & IIoT / OT-adjacent products

Connected machines, industrial gateways, edge devices, remote access, and platforms where IEC 62443 concepts help structure security-by-design.

Medical Devices & Digital Health

Medical Devices & Digital Health

Regulated environments requiring strong lifecycle discipline, evidence, and post-market security practices.

Connected Consumer & Smart Products

Connected Consumer & Smart Products

IoT products needing scalable vulnerability handling, secure updates, and CRA-ready processes.

COLLABORATIONS • FUNDED PROJECTS • CALLS

COLLABORATIONS • FUNDED PROJECTS • CALLS

I collaborate as: partner, advisor, or subcontractor on regional/national/EU funded projects.

Product cybersecurity & compliance work packages (requirements → controls → evidence)

AI governance and risk management deliverables (ISO 42001-aligned)

Supplier/security-by-design processes for product organizations

Training and capability building for technical and managerial teams

Audit readiness and documentation packages required by calls

Skills

CONTACT

Build and Govern
products and solutions
bridging
Artificial Intelligence,
Innovation,
Cybersecurity,
and Regulation

Threat modeling
security requirements
vulnerability/SBOM process
evidence for customers and regulators. Security requirements and evidence structured using IEC 62443 principles

Threat modeling
security requirements
vulnerability/SBOM process
evidence for customers and regulators. Security requirements and evidence structured using IEC 62443 principles

Industrial
& IIoT / OT-adjacent products

Industrial
& IIoT / OT-adjacent products

Medical Devices
& Digital Health

Medical Devices
& Digital Health

Connected Consumer
& Smart Products

Connected Consumer
& Smart Products