“What concrete actions can EU deep-tech engineers take to make critical infrastructure more resilient and secure?”

The goal is a technically grounded discussion with clear, actionable recommendations for the open-source community — going beyond regulation or high-level strategy.

Planned focus areas:
The current (uncertain political) landscape & operational realities; sovereignty: Lawful access vs encryption
The impact of regulations like CRA/NIS2 on engineering decisions : what really helps
From Social Engineering to Runtime observability: are techniques like "Secure-by-design, memory safety, and supply chain security etc" actually working?