Software Supply Chain Security; More Than Just Dependencies

May 16th, 2024

Watch an informative and insightful event on Software Supply Chain Security; More Than Just Dependencies. Our panel of industry experts, including Cassie Crossley, Allan Friedman, Wolfgang Goerlich, and host Misha Yalavarthy, will dive into the crucial elements of securing your software supply chain beyond third-party dependencies.

During this session, we cover topics such as supplier management and verification, risk assessments, securing the development process, and more. Our experts share their knowledge and experience to help you understand the value of your software supply chain and the processes needed to ensure it remains secure.

In the current threat landscape, securing your software supply chain is more critical than ever. It not only helps to mitigate security risks but can also help maintain the reputation of your organization. This panel discussion aims to provide you with actionable insights and best practices for securing your software supply chain.

Cassie Crossley, Vice President, Supply Chain Security in the global Cybersecurity & Product Security Office at Schneider Electric, is an experienced cybersecurity technology executive in Information Technology and Product Development and author of Software Supply Chain Security: Securing the End-to-End Supply Chain for Software, Firmware, and Hardware. She has many years of business and technical leadership experience in supply chain security, cybersecurity, product/application security, software/firmware development, program management, and data privacy.

J. Wolfgang Goerlich is an Advisory CISO with Cisco. Prior to this role, he led IT and IT security in the healthcare and financial services verticals. Wolfgang has held senior positions at several consulting firms, leading security advisory and assessment practices. He is an active part of the security community, co-founding and organizing communities and conferences. Wolfgang regularly works in security architecture and design, identity and access management, zero trust, and resilience.

Misha Yalavarthy is the Security Engineering Manager for the Supply Chain Security Research team at Semgrep. Her experience in security includes Incident Management, Detection Response & Engineering, Application Security, Forensics, and Compliance. She has an undergraduate degree from the University of California, San Diego and a master's from Santa Clara University.

From the Bay Area, Misha is currently spending the next year in Boston. She’d love to meet more people this year and build a stronger security community in the Boston area!

Dr. Allan Friedman is “the SBOM guy.” He is Senior Advisor and Strategist at the Cybersecurity and Infrastructure Security Agency. He coordinates the global cross-sector community efforts around software bill of materials (SBOM) and related vulnerability and supply chain initiatives, and works to advance their adoption inside the US government and around the world. He was previously the Director of Cybersecurity Initiatives at NTIA, leading pioneering work on vulnerability disclosure, SBOM, and other security topics. Prior to joining the Federal government, Friedman spent over a decade as a noted information security and technology policy scholar at Harvard’s Computer Science department, the Brookings Institution, and George Washington University’s Engineering School. He is the co-author of the popular text “Cybersecurity and Cyberwar: What Everyone Needs to Know,” has a degree in computer science from Swarthmore College and a PhD in public policy from Harvard University. He is quite friendly for a failed-professor-turned-technocrat.

JC Herz is Exiger’s SVP of Cyber Supply Chain, which delivers product-level risk and assurance of software and cyber-physical devices, including Software Bill of Materials (SBOM) analysis and upstream operational and supplier risk in open source and proprietary software components. She was the co-founder and CEO of Ion Channel, a software supply chain analytics platform Exiger acquired in 2023, and is a fellow at George Mason University’s National Security Institute. Prior to Ion Channel, JC worked at a predictive causal AI company in healthcare, and on semi-autonomous defense systems. She has served on the Federal Advisory Board of the U.S. National Science Foundation and as a White House Special Consultant to the Office of the Secretary of Defense.

Wolfgang Goerlich (Cisco): Advisory CISO, Duo Security
Cassie Crossley (Schneider Electric): VP, Supply Chain Security, Cybersecurity & Product Security Office
Misha Yalavarthy (Semgrep): Security Engineering Manager
Allan Friedman (Cybersecurity and Infrastructure Security Agency): Senior Advisor and Strategist
JC Herz (Exiger): SVP of Cyber Supply Chain