https://patrickdahlke.com/tags/regulation/Recent content in Regulation on Patrick DahlkeHugoen-usFri, 08 May 2026 10:00:00 +0200https://patrickdahlke.com/posts/cra-isnt-new/Fri, 08 May 2026 10:00:00 +0200https://patrickdahlke.com/posts/cra-isnt-new/The Cyber Resilience Act stops being a future problem in about four months. The first deadline — manufacturer vulnerability reporting — lands on 11 September 2026. The full obligations land on 11 December 2027. Most of the OT world found out about this about a year too late. Meanwhile, the cars in the parking lot have been shipping under ISO 21434 since 2021. The aerospace world has shipped under some form of DO-178 since the eighties.