Event Recap: Securing the Cyber/Software Supply Chain

With government agencies under pressure to meet the mandate on Software Supply Chain Security Guidance, it’s important to understand why it matters. Bryant Schuck with Checkmarx starts with a definition that “a software supply chain obviously draws strong parallels to the traditional supply chain.” The difference with software is that it requires a focus on securing “anything between the process and components you use to build your applications…from development to deployment.” Michael Epley with Red Hat added, “We like to think about security as achieving an important goal to protect end users.” With these statements in mind, how do agencies address the policy? Kanitra Tyler with NASA emphasized the need for relationships and “collaboration across the board… whether internally or externally” for the successful adoption of any security measure. Other key topics from the webinar included:

  • how to keep up with mandates and communicate about them internally
  • how to train your workforce on mitigating these risks
  • importance of EA, Zero Trust and Information Governance
  • how to anticipate and be prepared for threats
  • NASA Case Study: Opportunities & Challenges
  • guidance for small businesses on following policy
  • importance of the acquisition stage of software and its security
Sponsors: Red Hat, Checkmarx, TD Synnex
