In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by our second-ever Australian guest: Hamish Hansford, the Deputy Secretary of Cyber and Infrastructure Security Group at the Australian Department of Home Affairs.
The discussion begins with the fourth annual convening of the International Counter Ransomware Initiative (CRI), which was held in Washington DC earlier this month. Through the CRI, over 68 governments and partners come together to disrupt the global scourge of ransomware. Hamish shares context on the CRI, as well as adjacent efforts - including recent coordination by Australia, the U.S., and the UK to impose targeted financial sanctions and travel bans on three Russian citizens for their involvement in the Evil Corp cybercrime group - a notorious group responsible for ransomware attacks around the world over the last decade.
Jen and Alex dig into several other cyber priorities for Australia, with Hamish sharing details on the recently launched Cyber Wardens Program – think fire wardens, but for cyber – as well as progress on Australia’s ongoing Cyber Security Legislative Package, which includes efforts to implement Secure-by-Design with standards like ETSI EN 303 645.
This week’s news segment features news from around the world, including:
- The Pall Mall Process
- The official adoption of the EU’s Cyber Resilience Act (CRA)
- The publication of the EU’s Network and Information Security Directive (NIS 2) Implementing Act
- Ghana’s New National Cybersecurity Policy and Strategy
For our community corner segment, we are joined by the delightful Cassie Crossely to learn more about her book, published earlier this year, “Software Supply Chain Security: Securing the End-to-End Supply Chain for Software, Firmware, and Hardware”.
You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, if you would like to join us for the community corner segment, or have topic ideas for upcoming episodes, please email iaj01@venable.com.
Read Next
What States Can Learn from North Carolina’s Approach to Securing Government
As states across the country grapple with how to adopt AI responsibly, North Carolina offers a compelling case study - not because it has all the answers, but because it has built the institutional muscle to learn, adapt, and lead.
Developing a National Cybersecurity Strategy
Developing a national cybersecurity strategy is a critical investment a government can make to secure its future. This paper outlines the components and offers a framework with the tools to design, implement, and improve their strategies.
FedRAMP Signals Acceleration of Requirements for Machine-Readable Packages in the Rev5 Process
FedRAMP has proposed modifications to the Rev5 process in the newly published RFCs that could enact major changes and require Cloud Service Offerings to provide authorization packages in a “machine-readable format.”
