Despina Spanou

Principal Advisor for Cybersecurity Coordination

European Commission

Artificial Intelligence

Cybersecurity

GovTech & Public Sector

About Me

Despina Spanou is Principal Adviser in the European Commission for Cybersecurity Coordination, including with security cross-cutting issues. She was previously the Head of the Cabinet of the Vice-President of the European Commission, Margaritis Schinas (2019-2024), overseeing the work on security, migration and asylum, health, skills, education, culture and sports. Prior to that, she was Director for Digital Society, Trust and Cybersecurity at the Director-General of the Directorate-General for Communications Network, Content and Technology (DG CONNECT) of the European Commission. Ms. Spanou was responsible for the European Union’s cybersecurity policy and law, served as a member of the management board of ENISA, and of the Steering Board of the Computer Emergency Response Team for the EU Institutions (CERT-EU). She is a founding member of Women4Cyber and advocates for the need for more cybersecurity experts in Europe.

Hear My Insights

Cyber Skills & Talent Shortage: Who and Where to Hire?

Despite its increasing importance in businesses, cybersecurity has faced a persistent talent shortage in recent years. According to the latest World Economic Forum report, only 14% of organizations feel confident in their talent pool and their associated skills. This global deficit is further exacerbated by a widening cybersecurity skills gap, hindering organizations' ability to achieve true cyber resilience. As cyber threats continue to evolve, amplified by the rise of Artificial Intelligence, ensuring organizational security is paramount. And in a job market where the demand for cybersecurity professionals far exceeds supply, addressing the skills and talent gap must be a top priority. Where should we begin? How can the workforce rise to cybersecurity challenges if their skills are outdated? What measures should public and private stakeholders implement to close the cybersecurity talent gap? And how can organizations foster diversity, retention, and attractiveness within the cybersecurity sector?

From Recognition to Regulation: Building Cyber Resilience

The rapid adoption of AI, new privacy laws, and geopolitical tensions are creating a fragmented international cybersecurity landscape, complicating enforcement and making cyber resilience and cross-border compliance difficult. As private companies become prime targets for sophisticated foreign actors, the line between corporate security and national defense has blurred. Meanwhile, organizations face increasing pressure to ensure transparency, accountability, and alignment with stringent privacy and security standards. This is no longer a technical issue—it’s a strategic one. With cybersecurity now sitting at the heart of corporate decision-making, companies must not only navigate regulatory expectations across jurisdictions but also build resilience against increasingly sophisticated cyber threats, often without a clear global framework. How can businesses better align security strategies with evolving geopolitical risks? What collaboration systems should be established to navigate regulatory complexity? In this context, how are AI and cybersecurity risks reshaping corporate decision-making and executive teams?