Introducing the new ORC Learning Hub designed to help you understand and prepare for the Cyber Resilience Act (CRA) ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏
New software regulations are changing how organisations develop, secure, and distribute software.
The Open Regulatory Compliance (ORC) Working Group and the Eclipse Foundation have launched the ORC Learning Hub, a free training resource designed to help organisations understand and prepare for the Cyber Resilience Act (CRA) and other emerging software regulations. |
The training is designed for:
- Software manufacturers and product teams
- Developers and open source maintainers
- Security and software supply chain professionals
- Technical architects and engineering leaders
- Open Source Program Office (OSPO) teams
- Compliance, legal, and governance professionals
Participants will learn:
- How the CRA impacts software development and open source software
- Upcoming compliance milestones and reporting requirements
- Vulnerability management and software supply chain considerations
- Practical steps organisations can take to prepare
Key CRA milestones
📅 11 September 2026 – Mandatory reporting requirements for actively exploited vulnerabilities and incidents take effect
📅 11 December 2027 – All remaining CRA obligations become fully applicable
While the CRA is a European regulation, its impact extends globally to organisations that develop, distribute, commercialise, or rely on software and open source components. With the first compliance deadlines approaching, now is the time to understand the requirements and prepare your teams. |
STAY CONNECTED WITH THE ORC |
You received this email because you are subscribed to Updates and Communication from Eclipse Foundation. |
|
![]()