In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission. In her role, Despina oversees the European Union's policies on security, migration and asylum, health, skills, education, culture and sports. Previously, she was Director for Digital Society, Trust and Cybersecurity at DG CONNECT.
The discussion begins with the recent history and intentions of EU technology policy making, including the success stories of the EU’s Digital Covid Certificate and the evolution of the NIS 1 and 2 Directives, and the benefits of approaching cybersecurity not just as standalone technology policy, but as a fundamental part of the EU’s collective wellbeing and resilience.
Despina breaks down the EU’s legislative process, with the Commission first developing policy proposals, and then the Parliament (representing EU citizens) and the Council (representing EU member states) co-legislating and negotiating a final version of said policy. Jen emphasizes the difference between “directives,” which member states can implement in their own interpretation, versus “regulations,” which member states must implement word for word.
Despina then delves into the development of the Cyber Resilience Act (CRA), the associated timeline, and some of the implementation challenges - including around developing the European cybersecurity workforce. The conversation concludes with a look towards international cooperation on cybersecurity, including the recent announcement of the US-EU Joint Cybersafe Products Action Plan and the outcomes of the latest U.S-EU Trade and Technology Council meeting.
This week’s news segment features the Office of the National Cyber Director’s summary of their 2023 Cybersecurity Regulatory Harmonization RFI, and the recent White House announcement for bolstering cybersecurity in rural hospitals across the US with the help of Microsoft and Google.
For our new Community Corner segment, we are joined by the awesome Bryson Bort, founder and CEO of Scythe, founder of Grimm, and co-founder of the ICS Village. Bryson shares highlights from the recent Hack the Capitol conference, which focuses on industrial control systems.
You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, if you would like to submit something for Community Corner, or have topic ideas for upcoming episodes, please email iaj01@venable.com.
Read Next
Cybersecurity Coalition, HPC Comment on EU CRA Delegated Act on Delaying Dissemination of Notifications About Vulnerabilities and Incidents
The Cybersecurity Coalition and the Hacking Policy Council submitted comments to the European Commission on its consultation related to the Delegated Act.
Cairncross Talks Cyber Strategy, Shaping Adversarial Behavior
National Cyber Director Sean Cairncross signaled a shift in the Trump Administration’s approach to digital threats – one defined by transparency, accountability, and consequences.
Coalition Sends Paper on Post-Shutdown Priorities To ONCD and Congressional Cyber Leaders
The Cybersecurity Coalition’s new paper, "Reinvigorating Federal Cybersecurity Initiatives: A Post-Shutdown Call to Action for the Trump Administration and Congress," urges ONCD and Congress to take decisive action around four areas of cyber policy.
