For our last Distilling Cyber Policy podcast episode of 2024, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by four CCPL experts to try and predict the future of cyber policy in the coming year, while reflecting on some of their predictions from last year. Our experts include Ari Schwartz, Jeremy Grant, Heather West, and Harley Geiger, as well as thoughts from prior guests such as Ambassador Brendan Dowling and Shehzad Charania. 

Some of their predictions include:

  • The displacement of ransomware attacks with the developing world bearing the brunt of future attacks.
  • Further efforts around cyber legislation in the UK, especially in the form of their upcoming Cyber Resilience Bill.
  • Increased consumer expectations around passkeys in lieu of using passwords
  • More novel types of AI-enabled cyber attacks, as well as more AI and deepfake cyber attacks.
  • New AI-related regulation, not necessarily in the U.S., but globally.
  • More policy and regulatory attention on the issues around synthetic content.
  • 2025 being the year of quantum, especially with regards to post-quantum cryptography and quantum computing.
  • Further work around the recently announced New York Principles on the Security and Resilience of Undersea Cables in a Globally Digitalized World.
  • Continued momentum around international regulatory cooperation on cybersecurity.

From a U.S.-specific perspective, with incoming Trump administration in mind, predictions include:

  • Cybersecurity will hopefully remain a relatively bi-partisan issue.
  • Further focus on Chinese and geopolitical cybersecurity threats, especially in regards to the software and hardware supply chains.
  • Potential changes in the cybersecurity regulatory enforcement, especially in a post-Chevron and a more business-friendly environment.
  • Congressional gridlock limiting the ability to move forward on cross-sectoral critical infrastructure cybersecurity regulation.
  • Potential nullifications or replacements of Biden administration cyber-related Executive Orders.

Instead of the news segment this week, Jen and Alex share details on the upcoming CyberNext DC conference, co-hosted by CCPL and the Cyber Threat Alliance, which is taking place this Dec. 12. You can register for virtual attendance here

As always, you can find our latest episode on Spotify and Apple. This will be our last episode for 2024. Thank you to all our listeners - wishing you all a merry holiday season. 

Ines Jordan-Zoob

Read Next

AI Governance in Latin America

Artificial intelligence is no longer a technology of the future, it is already transforming how societies function. But these tools need some level of oversight and this is explored in the latest white paper from the Digi Americas Alliance.

How Existing Security Frameworks Can Help Meeting Bulk Data Rule Security Requirements

The DOJ bulk data rule prohibits certain transactions involving the sale or transfer of sensitive data. This post examines the security requirements and explains their interaction with existing cybersecurity and risk management frameworks and regs.