In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission. In her role, Despina oversees the European Union's policies on security, migration and asylum, health, skills, education, culture and sports. Previously, she was Director for Digital Society, Trust and Cybersecurity at DG CONNECT.
The discussion begins with the recent history and intentions of EU technology policy making, including the success stories of the EU’s Digital Covid Certificate and the evolution of the NIS 1 and 2 Directives, and the benefits of approaching cybersecurity not just as standalone technology policy, but as a fundamental part of the EU’s collective wellbeing and resilience.
Despina breaks down the EU’s legislative process, with the Commission first developing policy proposals, and then the Parliament (representing EU citizens) and the Council (representing EU member states) co-legislating and negotiating a final version of said policy. Jen emphasizes the difference between “directives,” which member states can implement in their own interpretation, versus “regulations,” which member states must implement word for word.
Despina then delves into the development of the Cyber Resilience Act (CRA), the associated timeline, and some of the implementation challenges - including around developing the European cybersecurity workforce. The conversation concludes with a look towards international cooperation on cybersecurity, including the recent announcement of the US-EU Joint Cybersafe Products Action Plan and the outcomes of the latest U.S-EU Trade and Technology Council meeting.
This week’s news segment features the Office of the National Cyber Director’s summary of their 2023 Cybersecurity Regulatory Harmonization RFI, and the recent White House announcement for bolstering cybersecurity in rural hospitals across the US with the help of Microsoft and Google.
For our new Community Corner segment, we are joined by the awesome Bryson Bort, founder and CEO of Scythe, founder of Grimm, and co-founder of the ICS Village. Bryson shares highlights from the recent Hack the Capitol conference, which focuses on industrial control systems.
You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, if you would like to submit something for Community Corner, or have topic ideas for upcoming episodes, please email iaj01@venable.com.
Read Next
The U.S. Data Security EO with Lee Licata and Grant Dasher (Part 2)
For the first time in the Distilling Cyber Policy podcast, Alex and Jen are re-joined by guests from earlier this season: Lee Licata, from the Department of Justice, and Grant Dasher, from CISA.
The U.S. and UN Cybercrime Convention: Progress, Concerns, and Uncertain Commitments
The U.S. issued an updated position seeking to move forward the UN Convention Against Cybercrime, a treaty intended to improve the global community’s ability to combat evolving cybercrime threats.
The Counter Ransomware Initiative with Hamish Hansford (DCP S2 E8)
In the latest Distilling Cyber Policy, Alex Botting and Jen Ellis are joined by our second-ever Australian guest: Hamish Hansford, the Deputy Secretary of Cyber and Infrastructure Security Group at the Australian Department of Home Affairs.