I’m new to blogging for the Center for Cybersecurity Policy and Law (CCPL), so let me briefly introduce myself. I’m Jen - hi! I’ve been on the board of CCPL since it launched, and I work extensively with governments, security experts, industry leaders and nonprofits around the world to try to reduce cyber risk for all digital citizens. In my opinion, we can only do that by bringing those groups together in collaboration.
This is the philosophy behind CCPL, and it's why my co-host, Alex Botting, and I are launching a new podcast, Distilling Cyber Policy. The goal is to help security professionals keep up to date with the cyber policy developments that will likely impact them over time. My dream is that we may even inspire and inform some of you enough to get involved with shaping policy for better security outcomes.
So that’s the rationale behind Distilling Cyber Policy - the podcast where we <cough> separate the facts from the hype and boil out the wonky jargon so listeners can keep up with the latest developments impacting the future of security <cough>. I will never apologize for my love of dad jokes and bad puns. You may as well accept that now before listening to the pod, because I’m not sure Alex is much better than me. As I was saying, that’s the background, now let’s get to the specifics and introduce Episode S01 E01: EU Cyber Resilience Act with MEP Bart Groothuis.
As our says-what-it-does-on-the-tin title suggests, this episode features an interview with the incredibly charming and engaging Bart Groothuis, who is a Member of the European Parliament (MEP) and rapporteur for cybersecurity. Prior to joining the European Parliament in February 2020, Bart was head of cybersecurity for the Dutch Ministry of Defence and he is more than familiar with the issues. He joins us in the episode to help explain the EU Cyber Resilience Act (CRA).
I don’t think I’m overstating it to say that the CRA is likely to be the most impactful piece of cybersecurity legislation to move this year, not just in the EU, but around the world. Just as the General Data Protection Regulation (GDPR) created impact far beyond the borders of the EU, so too will the CRA, with the potential to impact all technology manufacturers and lots and lots of technology vendors. If you fit into either category, you should give the episode a listen, or at least go read up on the CRA. We’ll also blog about it more through the legislative process, so watch this space.
The episode also includes some other goodies. Every episode will run about 30-35 mins – this one runs long because we added a bit more explanation of format – and will include three sections: the News Funnel, where we break down a couple of policy-related news stories; the Big Interview, where we chat with a policy expert about a specific cyber policy proposal or initiative; and Mystery Trivia Master (of Doom), where we welcome surprise volunteers from the policy and security communities to come on and ask Alex and me cyber policy trivia questions.
The last part promises to be an excellent opportunity for me to embarrass myself horribly as my memory is terrible.
Special thanks to Tod Beardsley who continues in his enduring role as my personal cybersecurity wiseman as our first Mystery Trivia Master (of Doom). He did excellent work with his poser, but I’ll keep the details to myself for those that want to test their own knowledge.
You can find this and all upcoming episodes on:
NIST CSF 2.0 Includes Positive Changes, Need for Greater Consistency, Practical Guidance
The Cybersecurity Coalition submitted broadly supportive comments in response to the National Institute for Standards and Technology Discussion Draft of the Cybersecurity Framework (CSF) 2.0 Core.
Center for Cybersecurity Policy & Law Staff are Thankful for …
The staff at the Center for Cybersecurity & Law would like to say what they are thankful for this year.
Episode 9: Australian Cyber Policy with Ambassador Brendan Dowling
In the latest episode, Alex and Jen are joined by the Australian Ambassador for Cyber Affairs and Critical Technology, Brendan Dowling on the country's numerous recent cyber policy developments.