Virtual Monthly Speaker Series: Supply Chain Risk Management in a Global World

One of the top cybersecurity concerns in 2023 is supply chain security for software. Risks can include insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the cybersecurity-related elements of the supply chain.

The recently released NIST Cybersecurity Supply Chain Risk Management (C-SCRM) program helps agencies manage the increasing risk of supply chain compromise related to cybersecurity. In addition, National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance, “Securing the Software Supply Chain: Recommended Practices Guide for Customers,” which outlines the steps that customer agencies should take to evaluate and ensure the security and integrity of the software they acquire.

Join AFFIRM as thought leaders from government and industry discuss the nature of complex software environments and methods to better manage and mitigate supply chain risks.

This event is on the record. There is 1 CEU available for this program.

Learning objectives:

• Explore best practice for building an effective risk management program.
• Discuss ways to tailor cyber supply chains based on the individual agency context.
• Review adversarial threats such as tampering and counterfeits as well as internal and external vulnerabilities.