Carahsoft

Featured Speakers

Brad Berkey
Global Business Strategy
Microsoft

Jon Boyens
Deputy Chief, Computer Security Division
National Institute of Standards and Technology

Dan Carayiannis
Public Sector Director
RSA Archer

Erik Ekwurzel
Chief Technology Officer
Dun & Bradstreet

Allan Friedman, PhD
Director of Cybersecurity Initiatives, National Telecommunications and Information Administration
Department of Commerce

Ann S. Johnson
Corporate Vice President of Security, Compliance & Identity (SCI) Business Development
Microsoft

Bob Kolasky
Assistant Director, National Risk Management Center, Cybersecurity and Infrastructure Security Agency
Department of Homeland Security

John Loucaides
VP, R&D
Eclypsium

Mark Montgomery
Executive Director
Cyberspace Solarium Commission Senior Advisor

Keith Nakasone
Deputy Assistant Commissioner, Acquisition
Office of Information Technology Category
Federal Acquisition Service
General Services Administration

Alex Whitworth*
Director of Supply Chain Management
Carahsoft

*Providing Session Opening Remarks

The global information technology supply chain has been hit with a growing and unprecedented number of attacks as adversaries attempt to compromise systems with various forms of malware in an attempt to steal or compromise or hold for ransom sensitive information.

Federal executives realized how complex the question of supply chain security was in 2017 when officials tried to implement the Department of Homeland Security’s order to remove Kaspersky anti-virus software from federal computers and networks. Labeled a risk because of the company’s ties to Russia, the authority to force removal was not clearly laid out in previous policy. To remedy that, new legislation has been passed, a new acquisition security council is in process and the Government Accountability Office has put together recommendations for how agencies should manage their supply chain security.

The supply chain has many layers and components and simple fixes are rare. Vulnerabilities can be exploited in software and hardware and with software defined networks, it can be difficult to draw the line between where software ends and hardware begins.

In this workshop, we will discuss the current threat landscape, the solutions being used and tested and what management plans and processes are available.

Attendees will come away with an improved ability to:

  • Assess the vulnerabilities in systems and networks
  • How the different security assessments and requirement interact
  • The role the Federal Acquisition Security Council will play
  • Best process for Supply Chain Risk Management (SCRM)

Sponsors

HTML - No Current Item Deck
  • RSA
  • Microsoft
  • Eclypsium
  • Dun & Bradstreet

Agenda

Tuesday, January 19, 2021

8 AM
9 AM
10 AM
11 AM
12 PM
8:30 AM - 8:35 AM Welcome & Opening Remarks
8:35 AM - 9:05 AM Opening Keynote | Navigating the IT Supply Chain Security Risk Journey
  • Keith Nakasone Deputy Assistant Commissioner, Acquisition
    Office of Information Technology Category
    Federal Acquisition Service     General Services Administration
  • Alex Whitworth* Director of Supply Chain Management Carahsoft

    *Providing Session Opening Remarks
9:05 AM - 9:25 AM Understanding and Managing 3rd Party Risk With Visibility, Insight and Action
9:25 AM - 9:50 AM Building a Trusted ICT Supply Chain
  • Mark Montgomery Executive Director Cyberspace Solarium Commission Senior Advisor
9:50 AM - 10:10 AM How Microsoft is Addressing IT Supply Chain Security
  • Ann S. Johnson Corporate Vice President of Security, Compliance & Identity (SCI) Business Development Microsoft
  • Brad Berkey Global Business Strategy Microsoft
10:10 AM - 10:15 AM Coffee Break
10:15 AM - 10:40 AM Key Lessons for Managing Cyber Risks in the Supply Chain
  • Jon Boyens Deputy Chief, Computer Security Division National Institute of Standards and Technology
10:40 AM - 11:00 AM Assuring Device Integrity in the Supply Chain and Beyond
11:00 AM - 11:25 AM Software Bill of Materials: Transparency in the Software Supply Chain
  • Allan Friedman, PhD Director of Cybersecurity Initiatives, National Telecommunications and Information Administration Department of Commerce
11:25 AM - 11:45 AM Applying Machine Learning to Reveal Hidden Supply Chain Resilience Weaknesses and Adversarial Infiltration
11:45 AM - 12:10 PM Closing Keynote | Building an Effective Supply Chain Shield
  • Bob Kolasky Assistant Director, National Risk Management Center, Cybersecurity and Infrastructure Security Agency Department of Homeland Security
12:10 PM Closing Remarks

Venue

 

The Hamilton Live
600 14th St NW| Washington, DC 20005

Metro

The Hamilton is located just steps from the White House at 14th and F Street, NW, Washington, DC, two blocks away from the Metro Center WMATA Metro Station, which is within walking distance of the venue.

Parking

There is a PMI Parking garage located at 1325 G Street, NW.Please note: Parking is not included with your registration.

CPE

NASBA CPE Registry

In accordance with the standards of the National Registry of CPE Sponsors, CPE credits have been granted based on a 50-minute hour.

Number of CPE Credits: 4

CPE Accreditation: Program knowledge level is overview and there is no prerequisite education or advanced preparation require.

Delivery Method: Group Internet Based

Field of Study: Information Technology

Registration # 137543

1105 Media is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org

Supply Chain Workshop

DATE: January 19, 2021

TIME: 8:30 am - 12:10 pm
(all times are ET)

LOCATION: Online

COST: FREE for Government Attendees*

*Government registrations require a valid .gov/.mil email address for verification

Sponsorships

Sponsorships for this event are SOLD OUT