ICIT Virtual Briefing: Software Supply Chain Security – Balancing Internal Orchestration with Attack Vectors
This event qualifies for 1 CPE
Along with security controls and AppSec policies, the way you and your teams treat the software you build over time impacts the speed at which you can react to a threat. The truth is that open source software (OSS) is often treated as if it isn’t a security problem—until it is. The Log4j vulnerability and the subsequent CISA emergency directive were a sharp example of why leaders must take an active role in proactively mitigating risks associated with OSS. The right discipline and hygiene habits build the muscles you need to keep the window of opportunity for attackers within your risk tolerance.
To compound OSS risks even further, the rise of the malicious coder has made cyberattacks easier to perpetrate and harder to detect. Weak security controls in the OSS supply chain and ecosystem have encouraged the explosion of attacks in recent years. CVEs, while still important, have become table stakes. The need for strong risk telemetry related to our open source usage is now a critical control in Application Security. Difficult problems are often solved by going back to basics.
Join our esteemed panel to explore and discuss.
- What does the vulnerability landscape look like currently?
- Have we built the right muscles to react and update our applications quickly?
- How do you overcome the culture barriers to achieve adoption and integration of a secure development program?
- What are key takeaways and lessons learned from recent cyberattacks?
Panelists
- Nick Sinai, Senior Advisor at Insight Partners, Adjunct Faculty at Harvard Kennedy School, and author of Hack Your Bureaucracy (Moderator)
- Robin Yeman, Chief Technical Officer, CCTI and TEDx Speaker
- Renata Spinks, Assistant Director IC4 and USMC Senior Information Security Officer at United States Marine Corps
- Invited: Major Steven Whitman, Cyber Researcher, US Army
- Bryant Schuck, Senior Product Manager for Checkmarx
Relevant Government Agencies
Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Census Bureau, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, USAID, State & Local Government, National Guard Association, EEOC, Federal Government, FDA, Foreign Governments/Agencies, NSA, FCC
Event Type
Webcast
This event has no exhibitor/sponsor opportunities
When
Wed, Oct 12, 2022, 2:00pm - 3:00pm ET
Cost
Complimentary: $ 0.00
Organizer
Institute for Critical Infrastructure Technology