In this episode of Distilling Cyber Policy, hosts Alex Botting and Jen Ellis engage in a thought-provoking discussion with cybersecurity expert and Member of European Parliament, Bart Groothuis. The conversation centers around the Cyber Resilience Act (CRA), its implications for cybersecurity globally, and how to address untrustworthy vendors in European networks..
MEP Groothuis, drawing from his experience as Parliament's cybersecurity rapporteur, sheds light on the extensive influence an individual can have in shaping legislation. He emphasizes the importance of understanding the subject matter and leveraging expertise to convince stakeholders, ultimately shaping the language and provisions of the CRA. This insightful perspective highlights the significant role of security professionals in driving meaningful change.
The conversation then delves into the concept of software liability. Groothuis explains how the legislation provides a framework for legal disputes arising from cybersecurity incidents. He emphasizes the need for clear legislation concerning risky vendors, particularly those associated with countries known for offensive espionage programs. Groothuis advocates for de-risking practices and the incorporation of non-technical factors when evaluating software for critical infrastructure.
Throughout the episode, Groothuis’ expertise and passion for cybersecurity legislation shine. His calls for stronger measures against risky vendors and his efforts to ensure the protection of critical infrastructure create a compelling narrative. Listeners gain valuable insights into the complex world of cybersecurity legislation and the vital role it plays in securing our digital landscape.
Read Next
The Clock’s Ticking: Why CISA 2015 Must Be Renewed Now
As the September 2025 expiration of CISA 2015 looms, Congress faces a critical decision that will shape the future of national cyber defense. At a time when the U.S. is under near constant cyber attacks, government and industry need to share intel.
Cybersecurity Coalition, CR2 Comment on EU Cybersecurity Act Revision Consultation
The Cybersecurity Coalition and the Coalition to Reduce Cyber Risk submitted comments to the European Union Directorate-General for Communications Networks, Content and Technology’s open consultation on revisions to the Cybersecurity Act.
New Cybersecurity Executive Order, Same Mission: Protecting America's Digital Infrastructure
Since taking office speculation has swirled on what President Trump would do on cybersecurity. A new EO upholds previous messaging and underscores that cybersecurity isn't a partisan battle; it demands nonpartisan solutions to protect the nation.