Sharing Responsibility for Protecting the Software Supply Chain
This event qualifies for .15 CEUs
This event qualifies for 1.5 CPEs
This event qualifies for 1.5 CLPs
Cyberattacks against organizations now often use what might be considered a “bank shot”: planting malicious code in software components before they are used in products. When coders draw upon software libraries, whether open source or proprietary, to build new applications, they unwittingly include the malware. This less conspicuous method threatens the software supply chain and undermines organizations’ willingness to let systems patch themselves, just as automatic patching has proved critical to guarding against attacks on legacy systems.
Now the National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance, “Securing the Software Supply Chain: Recommended Practices Guide for Customers,” which outlines the steps that customer agencies should take to evaluate and ensure the security and integrity of the software they acquire. This builds on the May 2021 Executive Order that included a requirement for software providers to provide a software bill of materials (SBOM) to their government customers.
Join us as thought leaders from government and industry discuss the nature of complex software environments, the role of SBOMs in identifying endpoint risks across them, and how agencies can use SBOMs to better manage and mitigate those risks.
Speaker and Presenter Information
Robert Martin
Senior Principal Software & Supply Chain Assurance Engineer
MITRE
Jason Mullins
Supply Chain Lead
Department of Education
Justin Murphy
Vulnerability Disclosure Analyst
CISA
Pat Sullivan
Senior Advisor to Director of Supply Chain Management
Army Materiel Command
Sam Kinch
Director, Technical Account Management-Federal
Tanium
John Breeden II
Moderator & Contributing Editor
FedInsider
Relevant Government Agencies
Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID, National Guard Association, EEOC, Federal Government, State & Local Government, FDA, Foreign Governments/Agencies, NSA, FCC
Event Type
Webcast
This event has no exhibitor/sponsor opportunities
When
Wed, Jan 11, 2023, 2:00pm - 3:30pm ET
Cost
Complimentary: $ 0.00
Event Sponsors
Organizer
FEDINSIDER
Join the event conversation:
@FedInsider
#supplychain #cybersecurity