Sign up to save your podcasts
Or
Share Europe vs China vs US: Who Controls Your Tech?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Europe vs China vs US: Who Controls Your Tech?
You don’t control the technology your business runs on.
That’s an uncomfortable reality.
But the truth is: your infrastructure runs on foreign technology.
Your data depends on external suppliers.
And if they fail – you feel it.
The EU has decided to step in.
In this episode of Threat Talks, Lokke Moerel (Professor of Global ICT Law at Tilburg University and leading expert in EU cybersecurity regulation) breaks down how Europe’s new cybersecurity package is reshaping supply chain security.
Because this is not just about audits.
From Chinese components embedded in infrastructure to US-controlled cloud services, organizations are relying on suppliers that sit outside their control. And that creates a different kind of risk. Not just technical – but strategic.
The EU is now responding with a structural shift:
- One certification approach across Europe
- Clearer rules for suppliers in critical functions
- Separation of technical security and geopolitical risk
This changes how supply chain security works.
For CISOs and security leaders, the message is clear:
If your cybersecurity risk mitigation strategies don’t account for dependency on external suppliers, you’re exposed.
Timestamps
00:00 – Your Vendor Passed the Audit—Why You’re Still Exposed
01:32 – The EU Cybersecurity Landscape: What’s Changing Now
04:06 – The Supply Chain Problem: Why Current Cybersecurity Risk Mitigation Strategies Fail
08:39 – What This Means: New Rules for Critical Suppliers and Infrastructure
17:13 – What Organizations Must Do Now to Strengthen Cybersecurity Risk Mitigation Strategies
20:34 – Geopolitics vs Security: Will Certain Suppliers Be Restricted?
25:07 – Innovation vs Regulation: Are We Heading for a Two-Speed Market?
28:36 – Practical Next Steps: How to Prepare Your Supply Chain Today
29:27 – Key Takeaways and Final Thoughts
Key Topics Covered
- Why dependency on China and the US creates new supply chain risk
- How the EU cybersecurity package reshapes supplier accountability
- Why security and geopolitics are now treated separately
- What organizations must do to strengthen cybersecurity risk mitigation strategies
Resources
- Threat Talks: https://threat-talks.com/
- ON2IT (Zero Trust as a Service): https://on2it.net/
- AMS-IX: https://www.ams-ix.net/ams
- Threat Talks episode Bart Groothuis: https://www.youtube.com/watch?v=Vj5Z7RYMACY
- EU Cybersecurity package: https://ec.europa.eu/commission/presscorner/detail/en/ip_26_105
Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.
🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: / @threattalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUE...
► APPLE: https://podcasts.apple.com/us/podcast...
👕 Receive your Threat Talks T-shirt
https://threat-talks.com/
🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com
🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX
View all episodes
By Threat TalksYou don’t control the technology your business runs on.
That’s an uncomfortable reality.
But the truth is: your infrastructure runs on foreign technology.
Your data depends on external suppliers.
And if they fail – you feel it.
The EU has decided to step in.
In this episode of Threat Talks, Lokke Moerel (Professor of Global ICT Law at Tilburg University and leading expert in EU cybersecurity regulation) breaks down how Europe’s new cybersecurity package is reshaping supply chain security.
Because this is not just about audits.
From Chinese components embedded in infrastructure to US-controlled cloud services, organizations are relying on suppliers that sit outside their control. And that creates a different kind of risk. Not just technical – but strategic.
The EU is now responding with a structural shift:
- One certification approach across Europe
- Clearer rules for suppliers in critical functions
- Separation of technical security and geopolitical risk
This changes how supply chain security works.
For CISOs and security leaders, the message is clear:
If your cybersecurity risk mitigation strategies don’t account for dependency on external suppliers, you’re exposed.
Timestamps
00:00 – Your Vendor Passed the Audit—Why You’re Still Exposed
01:32 – The EU Cybersecurity Landscape: What’s Changing Now
04:06 – The Supply Chain Problem: Why Current Cybersecurity Risk Mitigation Strategies Fail
08:39 – What This Means: New Rules for Critical Suppliers and Infrastructure
17:13 – What Organizations Must Do Now to Strengthen Cybersecurity Risk Mitigation Strategies
20:34 – Geopolitics vs Security: Will Certain Suppliers Be Restricted?
25:07 – Innovation vs Regulation: Are We Heading for a Two-Speed Market?
28:36 – Practical Next Steps: How to Prepare Your Supply Chain Today
29:27 – Key Takeaways and Final Thoughts
Key Topics Covered
- Why dependency on China and the US creates new supply chain risk
- How the EU cybersecurity package reshapes supplier accountability
- Why security and geopolitics are now treated separately
- What organizations must do to strengthen cybersecurity risk mitigation strategies
Resources
- Threat Talks: https://threat-talks.com/
- ON2IT (Zero Trust as a Service): https://on2it.net/
- AMS-IX: https://www.ams-ix.net/ams
- Threat Talks episode Bart Groothuis: https://www.youtube.com/watch?v=Vj5Z7RYMACY
- EU Cybersecurity package: https://ec.europa.eu/commission/presscorner/detail/en/ip_26_105
Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.
🔔 Follow and Support our channel! 🔔
===
► YOUTUBE: / @threattalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUE...
► APPLE: https://podcasts.apple.com/us/podcast...
👕 Receive your Threat Talks T-shirt
https://threat-talks.com/
🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com
🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX