In our latest Distilling Cyber Policy podcast episode, hosts Alex Botting of Venable and Jen Ellis of the Center for Cybersecurity Policy & Law (CCPL) kick off the season with a wide-ranging conversation on some of the biggest issues shaping cyber policy. 

The episode features a return appearance from Bart Groothuis, Member of the European Parliament and one of Europe’s leading voices on cybersecurity policy, followed by a Community Corner conversation with Professor Anya Shortland of King’s College London, author of We Know You Can Pay: Inside the Dark Economy of Hacking and Ransomware. 

The conversation with Bart focuses on the EU’s Cybersecurity Act 2.0, digital sovereignty, and the growing importance of supply chain security. He explains why Europe’s concerns about high-risk vendors go beyond technical vulnerabilities and include non-technical risks, such as foreign legal obligations and state influence. 

The discussion also looks at Europe’s ambitions in cloud, semiconductors, and critical infrastructure, and how technology is increasingly shaping geopolitics. The interview also explores quantum security and the urgent need for post-quantum cryptography preparedness. Bart emphasizes that critical infrastructure operators should already be planning for the transition to quantum-safe systems, as governments and industry race to prepare for the next generation of technological disruption.

In this week’s news segment, the hosts discuss Project Glasswing, Anthropic’s effort to use AI to identify previously unknown software vulnerabilities at scale. While the initiative could help improve security and accelerate patching, the conversation also highlights a key challenge: organizations are often much slower to deploy patches than suppliers are to create them. The hosts also note the risk that similar capabilities may eventually be adopted by malicious actors. Alex also highlights reports that the UK has tracked Russian vessels near subsea communications cables and pipelines, raising fresh questions about the security of critical undersea infrastructure and the strategic risks tied to both communications and energy networks.

Finally, in Community Corner, Professor Anya Shortland discusses her new book on the ransomware economy. Her work looks beyond attacker tactics to the broader ecosystem of victims, negotiators, intermediaries, and law enforcement, showing how ransomware operates not just as a technical threat, but as a human and economic system.

You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, if you have topic ideas for upcoming episodes, please email tchopra@venable.com