In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission. In her role, Despina oversees the European Union's policies on security, migration and asylum, health, skills, education, culture and sports. Previously, she was Director for Digital Society, Trust and Cybersecurity at DG CONNECT.
The discussion begins with the recent history and intentions of EU technology policy making, including the success stories of the EU’s Digital Covid Certificate and the evolution of the NIS 1 and 2 Directives, and the benefits of approaching cybersecurity not just as standalone technology policy, but as a fundamental part of the EU’s collective wellbeing and resilience.
Despina breaks down the EU’s legislative process, with the Commission first developing policy proposals, and then the Parliament (representing EU citizens) and the Council (representing EU member states) co-legislating and negotiating a final version of said policy. Jen emphasizes the difference between “directives,” which member states can implement in their own interpretation, versus “regulations,” which member states must implement word for word.
Despina then delves into the development of the Cyber Resilience Act (CRA), the associated timeline, and some of the implementation challenges - including around developing the European cybersecurity workforce. The conversation concludes with a look towards international cooperation on cybersecurity, including the recent announcement of the US-EU Joint Cybersafe Products Action Plan and the outcomes of the latest U.S-EU Trade and Technology Council meeting.
This week’s news segment features the Office of the National Cyber Director’s summary of their 2023 Cybersecurity Regulatory Harmonization RFI, and the recent White House announcement for bolstering cybersecurity in rural hospitals across the US with the help of Microsoft and Google.
For our new Community Corner segment, we are joined by the awesome Bryson Bort, founder and CEO of Scythe, founder of Grimm, and co-founder of the ICS Village. Bryson shares highlights from the recent Hack the Capitol conference, which focuses on industrial control systems.
You can find the latest Distilling Cyber Policy episode on Spotify and Apple. As always, if you would like to submit something for Community Corner, or have topic ideas for upcoming episodes, please email iaj01@venable.com.
Read Next
Trump EO Aims to Streamline Critical Infrastructure Resilience
In a move aimed at decentralizing incident-preparedness and response, President Trump signed an EO seeking to streamline the feds role in responding to incidents, like cyber attacks, and place decision-makin with State and locals.
Cybersecurity Regulatory Harmonization Hearing Highlights Need for Public Private Sector Partnerships
Private sector representatives emphasized the importance of streamlining cybersecurity regulations and improving information sharing efforts between the government and industry during a recent House hearing.
Industry Coalition Urges Commerce Secretary Lutnick to Prioritize Funding NIST Cyber Efforts
A letter addressed to Commerce Secretary Howard Lutnick from a coalition of industry organizations emphasizes the urgent need to sustain funding and support for the National Institute of Standards and Technology’s cybersecurity mission.
