A blueprint for implementing the CRA in an open source business: Element’s journey

As any other open source company we had to understand the EU’s Cyber Resilience Act (CRA) and determine how we should deploy our compliance to it. It has been even more important to us as a lot of our products actually get deployed at highly sensitive levels, and the security of our solution is a key selling point to our business. With this in mind we had to do a deep analysis of the CRA and our security team worked hand in hand with our policy team to understand what our approach should be. This talk will walk the audience through our journey, sharing our learnings, and hopefully providing insights and learning that others can follow too.