In our latest Distilling Cyber Policy podcast episode, hosts Alex Botting of Venable and Jen Ellis of the Center for Cybersecurity Policy & Law (CCPL), continue the season’s run of returning guests with a conversation featuring Irfan Hemani, Deputy Director for UK Cybersecurity and Resilience Policy at the UK Department for Science, Innovation and Technology (DSIT).

The episode focuses on international cyber regulatory alignment and the growing challenge of overlapping cyber rules across jurisdictions. Irfan explains how regulations aimed at similar security outcomes can still become “just different enough” to require separate compliance efforts in each country. The team discussed why alignment should not be about lowering standards, but about helping companies focus resources on improving security rather than duplicative compliance. The discussion also looks at the recent Wilton Park dialogue, where governments, international organizations, academia, and industry considered practical ways to improve cross-border alignment.

The episode also examines the UK’s broader cyber resilience agenda, including the government’s focus on helping organizations prepare not only to prevent cyberattacks, but also to recover from them. Irfan discusses the importance of rehearsing response plans, maintaining backups, considering cyber insurance, and setting clearer expectations for good cyber practice. Finally, the conversation turns to UK efforts to encourage stronger corporate cyber responsibility, including work around software security, cyber governance, Cyber Essentials, and supply chain security.

Rather than a Community Corner segment this week, in our news portion, we discussed the recent U.S. government actions to impose export controls on Anthropic’s Fable 5, citing national security concerns. We explored the challenges these measures create as policymakers race to keep pace with rapidly evolving AI capabilities, stakeholders are often left operating with limited visibility, and patch and vulnerability management cycles risk being significantly disrupted. Alex also highlighted Australia's Horizon 2 Action Plan, with discussion centered on its emphasis on international harmonization, securing subsea cable infrastructure, the development of a vulnerability disclosure policy toolkit, and a national framework for the professionalism of the cyber workforce. 

Finally, we wanted to shine a spotlight on our fabulous co-host, Jen Ellis, who was recognized in the King's Birthday Honours List 2026!!! The annual honours recognize individuals who have made significant contributions to public life or dedicated themselves to serving and helping others. We are delighted to see Jen’s contributions to cyber policy recognized in this year’s list! Congratulations Jen!

You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, if you have topic ideas for upcoming episodes, please email tchopra@venable.com.

‍