
06 November 2023, 7:00 PM to 8:30 PM IST

 

Please join us and select industry practitioners to learn about leading practices for the design and execution of a successful software supply chain security programme.

The number of software supply chain security (SSCS) attacks has increased exponentially due to:

  • Heavy reliance on open-source code and third-party software components, rather than internally built code, when building a software product
  • Multiple vulnerable points throughout the supply chain lifecycle
  • The ability to target multiple customers by exploiting a vulnerability in a component of one software product, which makes software supply chain attacks inherently more lucrative

Regulatory scrutiny of SSCS has been steadily rising, and most organisations/software product suppliers are not mature enough to manage software supply chain attacks effectively.

Topics for discussion:

  1. Industry trends and regulatory landscape (e.g., SBOM requirements, EO 14028, DHS Risk Management Act 2021, FDA, NIS 2 Directive, EU Cyber Resiliency Act)
  2. SSCS programme governance
  3. Generating and maintaining SBOM
  4. Adopting a risk management strategy to assess and manage the SSCS lifecycle, including contracting
  5. Building an SSCS risk-aware culture
  6. Upcoming developments such as adopting SBOM, enhancing container security, evolving industry standards, composable software application architecture, integrating supply chain services, etc.

External Speakers

Javed Hasan

Co-Founder & CEO, Lineaje Inc

Sachin Kawalkar

Global CISO and Head of Cyber, Neeyamo

Surinder S Rait

Head of Global IT Security, Ericsson

Vijay Kumar Puttaswamy

Director, Information Security Compliance & GRC Transformation, VMware
