The global information technology supply chain has been hit with a growing and unprecedented number of attacks as adversaries attempt to compromise systems with various forms of malware in an attempt to steal or compromise or hold for ransom sensitive information.

Federal executives realized how complex the question of supply chain security was in 2017 when officials tried to implement the Department of Homeland Security’s order to remove Kaspersky anti-virus software from federal computers and networks. Labeled a risk because of the company’s ties to Russia, the authority to force removal was not clearly laid out in previous policy. To remedy that, new legislation has been passed, a new acquisition security council is in process and the Government Accountability Office has put together recommendations for how agencies should manage their supply chain security.

The supply chain has many layers and components and simple fixes are rare. Vulnerabilities can be exploited in software and hardware and with software defined networks, it can be difficult to draw the line between where software ends and hardware begins.

In this workshop, we discussed the current threat landscape, the solutions being used and tested and what management plans and processes are available.

Attendees came away with an improved ability to:

  • Assess the vulnerabilities in systems and networks
  • How the different security assessments and requirement interact
  • The role the Federal Acquisition Security Council will play
  • Best process for Supply Chain Risk Management (SCRM)


  • RSA
  • Microsoft
  • Eclypsium
  • Dun & Bradstreet


Tuesday, January 19, 2021

8 AM
9 AM
10 AM
11 AM
12 PM
8:30 AM - 8:35 AM Welcome & Opening Remarks
8:35 AM - 9:05 AM Opening Keynote | Navigating the IT Supply Chain Security Risk Journey
  • Keith Nakasone Deputy Assistant Commissioner, Acquisition
    Office of Information Technology Category
    Federal Acquisition Service
    General Services Administration
  • Alex Whitworth* Director of Supply Chain Management Carahsoft

    *Providing Session Opening Remarks
9:25 AM - 9:50 AM Building a Trusted ICT Supply Chain
9:50 AM - 10:10 AM How Microsoft is Addressing IT Supply Chain Security
  • Ann S. Johnson Corporate Vice President of Security, Compliance & Identity (SCI) Business Development Microsoft
  • Brad Berkey Global Business Strategy Microsoft
10:10 AM - 10:15 AM Coffee Break
10:15 AM - 10:40 AM Key Lessons for Managing Cyber Risks in the Supply Chain
  • Jon Boyens Deputy Chief, Computer Security Division National Institute of Standards and Technology
11:00 AM - 11:25 AM Software Bill of Materials: Transparency in the Software Supply Chain
  • Allan Friedman, PhD Director of Cybersecurity Initiatives, National Telecommunications and Information Administration Department of Commerce
11:45 AM - 12:10 PM Closing Keynote | Building an Effective Supply Chain Shield
  • Bob Kolasky Assistant Director, National Risk Management Center, Cybersecurity and Infrastructure Security Agency Department of Homeland Security
12:10 PM Closing Remarks



The Hamilton Live
600 14th St NW| Washington, DC 20005


The Hamilton is located just steps from the White House at 14th and F Street, NW, Washington, DC, two blocks away from the Metro Center WMATA Metro Station, which is within walking distance of the venue.


There is a PMI Parking garage located at 1325 G Street, NW.Please note: Parking is not included with your registration.


NASBA CPE Registry

In accordance with the standards of the National Registry of CPE Sponsors, CPE credits have been granted based on a 50-minute hour.

Number of CPE Credits: 4

CPE Accreditation: Program knowledge level is overview and there is no prerequisite education or advanced preparation require.

Delivery Method: Group Internet Based

Field of Study: Information Technology

Registration # 137543

1105 Media is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

Supply Chain Workshop

DATE: January 19, 2021

TIME: 8:30 am - 12:10 pm
(all times are ET)


COST: FREE for Government Attendees*

*Government registrations require a valid .gov/.mil email address for verification


Sponsorships for this event are SOLD OUT