Securing the Software Supply Chain:
Forging an Unbreakable Chain

April 6, 2022
1:00PM - 5:30PM EST

About the Symposium

After a year of high-profile cyber incidents against Operational Technology (OT) systems, followed by a frenzy of regulatory initiatives from governments around the world, executives in critical infrastructure are accelerating their efforts to secure their operations. The software supply chain has been a particularly attractive target for attackers. SecurityWeek reported that software supply chain attacks tripled in 2021—and that’s following a 430% surge in 2020. It has not gone unnoticed.

This symposium will explore the risks posed by a lack of visibility into the OT software supply chain. It will describe the important regulatory requirements initiated by the US federal government and explore the impact of these regulations, both in the US and internationally. We’ll do a deep dive into the federal requirement for Software Bills of Materials (SBOMs), the critical role they play in risk reduction, and the future direction of supply chain transparency.

We’ll discuss some of the challenges of creating and using SBOMs in OT/ICS environments. OT technology has a long service life and there is often legacy software where the source code is no longer available. We’ll also cover how OT vendors can use VEX (Vulnerability Exploitability eXchange) documents to help prioritize vulnerabilities exposed by SBOMs.

Finally, we’ll wrap up with a real-world example detailing the experiences of a major OEM vendor that determined the risk posed by the vulnerabilities in the Apache Foundation’s Log4j module, identified products where it was exploitable, and efficiently communicated with their customers using VEX.

The need for a secure supply chain is the new business imperative for operators of critical infrastructure and those who supply them with software and firmware. Don’t miss this chance to hear from the experts on how to forge an unbreakable chain in critical infrastructure operations.


This event is brought to you by:

Meet The Event Speakers

Derek Harp

Chairman and Founder at (CS)²AI Headquarters

Host

Rod Campbell

Chief Executive Officer at aDolus Technology Inc.

Speaker

Erik Schweigert

Principal Network and Systems Engineer at Solar Turbines

Speaker

Mark Weatherford

CSO at AlertEnterprise

Speaker

Brad Raiford

Director Cyber Security at KPMG US

Speaker

Eric Byers

CTO and Board Member at aDolus Technology Inc.

Speaker

Caleb Queern

Director at KPMG Cyber Security Services

Keynote

Allan Friedman, PhD

Senior Advisor and Strategist at Cybersecurity and Infrastructure Security Agency

Speaker

Jonathan Dambrot

Partner at KPMG

Speaker

Agenda

*Please note this agenda is subject to change as we get closer to the event date.


1:00 PM Kickoff with Derek Harp


1:15 PM The Need for a Secure Software Supply Chain with Caleb Queern

Followed by Q&A


1:45 PM Recent Regulations and SBOM with Mark Weatherford

Followed by Q&A


2:35 PM Progress on Supply Chain Risks: Transparency as the Starting Point with Allan Friedman

Followed by Q&A


3:35 PM The Challenges of SBOMs - Making SBOMs Work for you / VEX Documents with Eric Byers

Followed by Q&A


4:20 PM Real World Case Studies (and Call to Action from Erik Schweigert)

Followed by Q&A


5:05 PM Panel Wrap-up with Jonathan Dambrot, Brad Raiford, Rod Campbell, and Eric Byers


5:30 PM Symposium Close

Meet The Event Steering Committee

(CS)²AI would like to thank the steering committee from aDolus and KPMG for all the effort put into making this a unique and impactful event for the community. 

Yet another great example of Members Helping Members!
