ICIT Virtual Briefing: Software Supply Chain Security - Balancing Internal Orchestration with Attack Vectors

This event qualifies for 1 CPE

ICIT Virtual Briefing: Software Supply Chain Security – Balancing Internal Orchestration with Attack Vectors


Along with security controls and AppSec policies, the way you and your teams treat the software you build over time affects how quickly you can react to a threat. The truth is that open source software (OSS) is often treated as if it isn’t a security problem, until it is. The Log4j vulnerability and the subsequent CISA emergency directive were a sharp example of why leaders must take an active role in proactively mitigating risks associated with OSS. The right discipline and hygiene habits build the muscles you need to keep the window of opportunity for attackers within your risk tolerance.


To compound OSS risks even further, the rise of the malicious coder has made cyberattacks easier to perpetrate and harder to detect. Weak security controls in the OSS supply chain and ecosystem have encouraged the explosion of attacks in recent years. CVEs, while still important, have become table stakes. The need for strong risk telemetry related to our open source usage is now a critical control in Application Security. Difficult problems are often solved by going back to basics.


Join our esteemed panel to explore and discuss:


  • What does the vulnerability landscape look like currently?
  • Have we built the right muscles to react and update our applications quickly?
  • How do you overcome the culture barriers to achieve adoption and integration of a secure development program?
  • What are key takeaways and lessons learned from recent cyberattacks?



  • Nick Sinai, Senior Advisor at Insight Partners, Adjunct Faculty at Harvard Kennedy School, and author of Hack Your Bureaucracy (Moderator)
  • Robin Yeman, Chief Technical Officer, CCTI and TEDX Speaker
  • Renata Spinks, Assistant Director IC4 and USMC Senior Information Security Officer at United States Marine Corps
  • Invited: Major Steven Whitman, Cyber Researcher, US Army
  • Bryant Schuck, Senior Product Manager for Checkmarx



Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID, National Guard Association, EEOC, Federal Government, State & Local Government, FDA, Foreign Governments/Agencies, NSA, FCC

Event Type

This event has no exhibitor/sponsor opportunities

Wed, Oct 12, 2022, 2:00pm - 3:00pm ET

Complimentary: $0.00


Institute for Critical Infrastructure Technology
