Recorded:    February 15 | 2024      Watch

Join us as we explore the latest advancements in securing software supply chains. As the digital landscape evolves, so do the threats to software integrity. The National Institute of Standards and Technology (NIST) has updated its guidelines to address these challenges, and this webinar will provide a comprehensive understanding of how to leverage NIST 2.0 for robust supply chain security.

By attending you will earn 1.5 CPE credits and:

• Gain a thorough understanding of the key components and updates in the NIST 2.0 framework.
• Learn practical strategies for identifying, assessing, and mitigating risks within the software supply chain.
• Explore the incident response and continuous monitoring aspects of NIST 2.0 to enhance your organization's ability to detect and respond to security incidents promptly.
• Understand how to implement effective monitoring mechanisms for ongoing evaluation and improvement of software supply chain security.

Don't miss this opportunity to stay ahead in the ever-evolving landscape of software supply chain security. Whether you are a developer, IT professional, or security expert, this webinar will equip you with the knowledge and tools needed to safeguard your software supply chain effectively. Register now to secure your spot!

Who Should Attend:
IT and Security Professionals
CIOs, CISOs, and IT Directors
Risk and Compliance Managers
Business Owners and Executives
Anyone interested in enhancing their organization's cybersecurity posture

Moderator

Colin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.

Panel

Saša Zdjelar, Chief Trust Officer, ReversingLabs. Saša is the Chief Trust Officer (CTrO) at ReversingLabs and Operating Partner at Crosspoint Capital with ~20 years of Fortune 10 global executive leadership experience. His CTrO scope includes leadership, oversight and governance of the CISO/CSO function, including product security, as well as partnering with other leaders on corporate and product strategy, strategic partnerships and research, and customer and technology advisory boards, including sponsoring the ReversingLabs CISO Council. He is also a member of the Forbes Technology Council, a Fellow at the Cyber Readiness Institute (CRI), a member of the BlackHat CISO Summit Advisory Board and BlackHat Content Review Board, and engages in organizations such as Infragard, ISACA, and ISSA. His insights have been published in various industry publications, and he has spoken at numerous industry conferences and universities.

Michael Silva, Senior Solutions Architect at Astrix Security. Michael is a technology leader with over 17 years of experience and presently he pioneers of non-human identity management. Using the combined expertise of technical and customer facing roles, Michael has developed the ability to relate to customers, understand their pain points, and help define a strategy that will map to successful execution of business requirements.Before joining Astrix, Michael has been part of taking multiple start-ups from their infancy to acquisition. Most recently he was the Technical Director for a CNAPP (Cloud Native Application Protection Platform) called Lightspin, that was acquired by Cisco. At Lightspin, Michael designed the technical go-to-market strategy, developed strategic partnerships, and helped grow the business from its inception into the U.S. market. Michael has led a variety of teams from customer facing roles at Nutanix and Progress Software (formerly Chef) to technical teams at Cisco and various managed service providers. His knowledge is deeply rooted in public cloud security across all major cloud service providers as well as Kubernetes security. Aside from professional experience, Michael holds many professional and specialty certifications from AWS, GCP, SANS, and Nutanix, and is a veteran of the U.S. Marine Corps.

Paul Asadoorian is currently the Principal Security Evangelist for Eclypsium and the founder of Security Weekly, a security podcast network (acquired by CyberRisk Alliance in 2020). Paul's previous roles have been spent “in the trenches” coding in Python, testing security products, and evaluating and implementing open-source software. Paul's career began by implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. 

Josh Bressers is vice president of security at Anchore where he guides security feature development for the company’s commercial and open source solutions. He serves on the Open Source Security Foundation technical advisory council, is a co-lead of the OpenSSF SBOM Everywhere project, and is a co-founder of the Global Security Database project at the Cloud Security Alliance.