In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Irfan Hemani, Deputy Director of Cyber Security Policy, Department for Science, Innovation and Technology. In this role, Irfan is responsible for Cyber Policy for the UK's wider economy and society. He is also the author of the Harvard Belfer Center's National Cyber Power Index.

The discussion focuses on how the UK is securing emerging technologies, from both enterprise and consumer perspectives, as the proliferation of these technologies continues to increase. Irfan talks about the Product Security and Telecommunications Infrastructure Act, which passed into UK law to create a better baseline of security for consumer smart products. The new law requires connected consumer devices sold in the UK to adhere to the first three principles of ETSI EN 303 645, which was developed based on the UK’s Code of Practice for Consumer IoT Security

Irfan, Jen and Alex also debate the merits of regulation versus product labeling and how technology developments like AI and quantum are being addressed in policy development as we look towards the UK’s AI Safety Summit in November

In addition to the above, this week’s episode includes news about improving cyber readiness for the pipeline sector and the recent LATAM CISO Summit 2023 in Madrid. Our Mystery Trivia Master this week is the delightful David Hoffman, Steed Family Professor of the Practice of Cybersecurity Policy at the Sanford School of Public Policy. 

Check out the newest Distilling Cyber Policy episode on Spotify, Apple or Google. As always, if you would like to submit cyber policy trivia, or have topic ideas for upcoming episodes, please email info@centerforcybersecuritypolicy.org

Ines Jordan-Zoob

Read Next

The Clock’s Ticking: Why CISA 2015 Must Be Renewed Now

As the September 2025 expiration of CISA 2015 looms, Congress faces a critical decision that will shape the future of national cyber defense. At a time when the U.S. is under near constant cyber attacks, government and industry need to share intel.

Cybersecurity Coalition, CR2 Comment on EU Cybersecurity Act Revision Consultation

The Cybersecurity Coalition and the Coalition to Reduce Cyber Risk submitted comments to the European Union Directorate-General for Communications Networks, Content and Technology’s open consultation on revisions to the Cybersecurity Act.

New Cybersecurity Executive Order, Same Mission: Protecting America's Digital Infrastructure

Since taking office speculation has swirled on what President Trump would do on cybersecurity. A new EO upholds previous messaging and underscores that cybersecurity isn't a partisan battle; it demands nonpartisan solutions to protect the nation.