China is Already Inside your infrastructure

China is Already Inside your infrastructure.

And the EU is done ignoring it.

In this exclusive first discussion of the upcoming EU Cybersecurity Act revision, Bart Groothuis, MEP, joins Lieuwe-Jan Koning, CTO and Co-Founder, to explain why vendor dependency is now a board-level security risk.

Groothuis breaks down how the revised EU Cybersecurity Act will shift Europe from soft guidance to hard enforcement - introducing formal “high-risk vendor” treatment inside critical infrastructure.

This isn’t about secret backdoors.

It’s about who controls the next update.
Who enters your data center.
And who can, one day, switch off the grid.

The revision brings non-technical risk - state influence, intelligence laws, geopolitical leverage - directly into cyber certification decisions. That means supply chain risk is no longer theoretical. It’s regulatory.


And the impact goes far beyond telecom.
Energy. Cloud. Transport. Enterprise IT.

If your infrastructure depends on a vendor tied to a high-risk state, this conversation matters.

Timestamps
00:00 Opening & guest intro: MEP Bart Groothuis - rapporteur on EU legislation
01:23 What the CSA revision targets - certification, telecoms, cloud
09:11 Non-technical risk: intelligence laws, vendor-state ties, 5G implications
15:10 What’s new in the Security Act Revision, 4G vs 5G - why virtualisation changes the security model
17:17 Energy, inverters, and real-world dependency risks - blackouts
21:53 What organisations & buyers should do now (roadmaps, phasing out risk)
25:53 Final call to action & closing

Key Topics Covered
• Why the EU Cybersecurity Act revision treats non-technical vendor risk as policy, not just code review.
• The difference between technical vulnerabilities and vendor/state dependencies (intelligence laws, personnel access).
• 5G’s virtualised architecture: “winner takes all” risks and the limits of code audits.
• Practical next steps for CISOs: vendor inventory, risk-based roadmaps, procurement levers and phasing strategies.

Related ON2IT content & explicitly referenced resources
ON2IT website: https://on2it.net/
Threat Talks website: https://threat-talks.com/
European Commission - Cybersecurity Act overview: https://digital-strategy.ec.europa.eu/en/policies/cybersecurity-act
Proposal for a Regulation for the EU Cybersecurity Act: https://digital-strategy.ec.europa.eu/en/library/proposal-regulation-eu-cybersecurity-act

Subscribe and turn on notifications to stay ahead of emerging cyber policy, supply chain risk, and critical infrastructure security across IT and OT.
► YOUTUBE: /@threattalks
► Spotify / Apple Podcasts:
