In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Mieke Eoyang, the Deputy Assistant Secretary of Defense for Cyber Policy. As the highest ranking civilian at the U.S. Department of Defense (DoD), tasked with thinking exclusively about cyber policy, Ms. Eoyang was able to provide valuable insights around the recently released unclassified 2023 DoD Cyber Strategy summary.
The discussion captures how the DoD’s thoughts on cyber warfare have significantly evolved in the last decade, particularly in reaction to real-world international cyber events like the conflict in Ukraine. Ms. Eoyang highlights just how far we have come from analogies to nuclear war, and why cyber warfare has become an increasingly important part of the DoD’s toolkit. All of this evolutionary thinking has shaped the new DoD Cyber Strategy, published today and complementing the U.S. National Cyber Security Strategy and the implementation plan. The new defense strategy calls for strengthened partnership with both allied nations and the private sector through information sharing, technical support, and hunt forward operations - amongst other efforts.
A couple of other links we promised to share out of our chat with Ms. Eoyang:
- DoD civilian career opportunities
- An article on “The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations”
In addition to the above, this week’s episode includes news out of CISA and an update on the UN Cybercrime Convention proceedings, which we discussed with Microsoft’s Kaja Ciglic in S01E02.
If you want to read up more on any of the news stories we covered, you can find more here:
- Microsoft speaks out on the latest from UN Cybercrime Treaty
- Untangling the Web of Redlines: The UN Cybercrime Convention possible stalemate
- CISA publishes its Annual Report on the impact of the Government VDP Platform
- CISA Hires ‘Mudge’ to Work on Security-by-Design Principles
- The UK Government views the Investigatory Powers Act (one for the crypto activists!)
Finally, our Mystery Trivia Master this week is the delightful Florian Pennings, EU cyber policy expert.
Check out the newest Distilling Cyber Policy episode on Spotify, Apple or Google. As always, if you would like to submit cyber policy trivia for upcoming episodes, please email info@centerforcybersecuritypolicy.org.
Read Next
Japanese Regulator Balances Cybersecurity, Competition Concerns In MSCA Implementation Guidelines
Promoting robust competition in the digital space while ensuring cybersecurity protections is challenging. The Japan Fair Trade Commission strikes a crucial balance between these priorities in its May 2025 guidelines.
Protecting Mobile Security in a Competitive Ecosystem
In an amicus brief filed in Epic Games v. Apple Inc., the Center for Cybersecurity Policy and Law urges the 9th Circuit to ensure that competition remedies do not undermine security.
The Clock’s Ticking: Why CISA 2015 Must Be Renewed Now
As the September 2025 expiration of CISA 2015 looms, Congress faces a critical decision that will shape the future of national cyber defense. At a time when the U.S. is under near constant cyber attacks, government and industry need to share intel.
