D2.2 - First release of White paper

This document provides an overview of how the EU Cyber Resilience Act (CRA) is being operationalised through expert groups, standards work, national preparations, and community initiatives. It consolidates insights from workshops, consultations, community groups, and Member State activities to help organisations understand practical challenges in vulnerability handling, risk-based security assurance, documentation, reporting, and supply-chain dependencies. It also describes how standards bodies and national authorities are preparing supporting frameworks, and how Cyberstand.eu is coordinating technical, training, and outreach activities to strengthen industry readiness ahead of full CRA application.