The European Union’s Cyber Resilience Act (CRA) is a piece of legislation that covers all countries within the EU and the EEA and entered into force on 10th December 2024.…
Read More
By Linux Foundation Education, see original blog.
Quickly Grasp the Key Requirements of the CRA
with this Express Learning Video Course
OpenSSF and Linux Foundation Education have announced the launch of Understanding the EU Cyber Resilience Act (CRA) (LFEL1001), a new, free, Express Learning video course that covers:
- Key requirements of the EU’s Cyber Resilience Act (CRA)
- Digital product impacts
- Compliance strategies
- How to navigate uncertainties in the law, including for open source software
The course is ideal for anyone needing to adapt to these new legal requirements, especially decision-makers and software developers – including those working with open source software – whose products may be commercially available in the EU.
“The Cyber Resilience Act (CRA) is critically important for all software developers and their managers to understand. It imposes requirements on many kinds of software, including open source, that have never been regulated before. The CRA applies even if the software wasn’t developed in the EU,” said David A. Wheeler, PhD, Director of Open Source Supply Chain Security, OpenSSF. “This completely changes the software development landscape. You could risk its substantial penalties, but it’s wiser to gain an understanding of it.”
🌏 EU Law with Global Impact
The CRA is a landmark law that imposes new requirements on products with digital elements, including software, that are made commercially available within the European Union. It also imposes significant penalties for failure to comply in certain cases. Given the global nature of software and hardware development, many organizations and individuals not based in the EU will find themselves affected by the CRA.
Understanding the EU Cyber Resilience Act (CRA) (LFEL1001) will help those affected better prepare to understand and meet their obligations of the law and avoid the significant penalties the law can enforce. This includes the CRA’s requirements for developing secure software and managing vulnerability reports. The course will also note some of the uncertainties in the new law, explain how some are being addressed and provide recommendations on how to deal with such uncertainties.
Understanding the EU Cyber Resilience Act (CRA) (LFEL1001)Â is a free, 90-minute, self-paced, e-Learning video course. Those who successfully complete the course receive a digital badge and certificate of completion.
