Distilling Cyber Policy

In this year-end episode of Distilling Cyber Policy, hosts Alex Botting and Jen Ellis are joined by three CCPL experts to try and predict the future of cyber policy in the coming year, while reflecting on some of their predictions from last year. Our experts include Caitlin Clarke, Jeremy Grant, and Heather West as well as thoughts from prior guests such as MEP Bart Groothius, Ifran Hemani, and Katharina Sommers.

In the latest Distilling Cyber Policy podcast, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by guests, Stacy O’Mara, Senior Director of Venable and Leonard Bailey, former Head of the Cybersecurity Unit in the Computer Crime and Intellectual Property Section (CCIPS) and Special Counsel for National Security in the DOJ’s Criminal Division.From shifting global norms to the rising pressure for stronger deterrence, our guests break down why offensive capabilities are back in the spotlight and what it means for national security. They dig into the debate over whether these operations should remain strictly government-run or if there’s ever a world where the private sector plays a significant role. They also break down the risks, the misconceptions, and the practical challenges that keep the “hack back” debate alive, including concerns about misattribution, escalation, and potential interference with intelligence or law enforcement operations.Interview:Pall Mall Process Industry Code of Practice (due Dec. 22)Computer Fraud and Abuse Act (CFAA)News:India Orders Smartphones Makers to Preload State-Owned Cyber Safety AppCISA, Australia, and Part and Partners Author Joint Guidance on Securely Integrating Artificial Intelligence in Operational TechnologyCommunity Corner:Carveout for Security Research in Portugal's NIS2

Sam Stockwell, a research associate at the CTAS, shares insights on the future of cyber policy in 2025. He discusses the evolving ransomware threats and the increased complexity of cyber extortion targeting vulnerable regions. Stockwell emphasizes the importance of international cooperation to enhance cybersecurity frameworks. The impact of AI on cyber attacks and disinformation in democratic processes is explored, alongside legislative shifts expected with potential changes in U.S. administration. Tune in for a lively discussion on the challenges and innovations shaping our digital landscape!

Lee Licata, Deputy Section Chief for National Security Data Risk at DOJ, and Grant Dasher, Acting Technical Deputy Director for Cybersecurity at CISA, dive into crucial cybersecurity regulations following Executive Order 14117. They discuss the implications of the DOJ's proposed rulemaking and the necessity for public participation in shaping these crucial regulations. The conversation spotlights national security risks related to data handling and the role of CISA in enforcing compliance. Tune in for insights into the evolving landscape of cybersecurity policymaking!

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Anne Marie Schumann, the Department of the Navy’s Principal Cyber Advisor. In this role, she is responsible for advising the Secretary of the Navy, Chief of Naval Operations, and Commandant of the Marine Corps on all cyber matters. In the discussion, Anne Marie shares context on the Navy’s first-ever Department Cyber Strategy, which was released in November 2023. News:CISA's Call for Comment on Cyber Incident Reporting FormCommunity Corner:Paris Peace SummitAs always, if you would like to submit something for the Community Corner segment, or have topic ideas for upcoming episodes, please email iaj01@venable.com. 

Hamish Hansford is the Deputy Secretary of Cyber and Infrastructure Security Group in Australia, co-chairing the International Counter Ransomware Task Force. Cassie Crossely, a Vice President at Schneider Electric, specializes in supply chain security. They dive into the International Counter Ransomware Initiative and discuss global collaboration against cyber threats. Topics include the evolution of cybersecurity strategies, the importance of transparency in supply chains, and the pressing need for robust policies to combat ransomware effectively.

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Paula Bogantes, the Costa Rican Minister of Science, Innovation, Technology and Telecommunications.News:Senate Confirms Michael Sulmeyer as DoD Cyber Policy ChiefDoD Establishes the Office of the Assistant Secretary of Defense for Cyber PolicyChile’s Public Consultation on Cybersecurity Framework Law RegulationsChile’s New Cybersecurity Framework LawEU Product Liability DirectiveInterview:Costa Rica's 2023-2027 Cybersecurity Strategy United States Announces $25M to Strengthen Costa Rica’s CybersecurityDigiAmericas LATAM CISO Summit 

Grant Schneider, Senior Director of Cybersecurity Services at Venable LLP, discusses the NDAA's impact on cybersecurity laws, challenges in technology policy, Pegasus spyware in Poland, and the importance of zero trust implementation in the Department of Defense.

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission. The discussion begins with the recent history and intentions of EU technology policy making, the EU’s legislative process, and the development of the Cyber Resilience Act (CRA). The conversation concludes with a look towards international cooperation on cybersecurity, including the recent announcement of the US-EU Joint Cybersafe Products Action Plan and the outcomes of the latest U.S-EU Trade and Technology Council meeting. News:ONCD Releases its Summary of the 2023 Cybersecurity Regulatory Harmonization RFIWhite House highlights voluntary commitments from Google, Microsoft to provide cyber services for health sectorInterview:Digital Covid CertificateNIS DirectiveCRAU.S.-EU Sign Joint Cybersafe Products Action PlanU.S.-EU Trade and Technology Council MeetingCommunity Corner:ICS VillageHack the Capitol

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by John Banghart, Senior Director at Venable LLP, and Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE) Program and bonafide cybersecurity industry veteran. Their discussion delves into the latest developments and ongoing debate around the National Vulnerability Database (NVD).News:International Cyberspace and Digital Policy StrategyCISA's Secure by Design PledgeUK's Product Security and Telecommunications Infrastructure (PSTI) ActUK Consultation for draft code of practice for software vendorsUK Consultation for draft code of practice for cybersecurity of AI  Interview:National Vulnerability DatabaseCommon Vulnerability ExposuresForum of Incident Response and Security Teams (FIRST)Community Corner:Inaugural Cyber Policy Awards