F-Secure Consulting Event

Securing your Supply Chain

July 22, 2021

16:00 - 17:00 BST

ONLINE - Global

Supply chain risk in a cyber security context doesn’t describe a single risk or challenge. It represents the collective risk an organization is exposed to through its dependencies and interconnectivity with other organizations and their technology.

The same principle also applies to other instances of interconnectivity, such as mergers, acquisitions, and strategic alliances. Organizations that are more interconnected, such as those at the top of long supply chains or with many subsidiaries, will naturally develop greater risk exposure. This raises the question of whether we can reasonably expect security teams to manage the security of their suppliers by proxy, with limited visibility and control. Is there a better way of thinking about supply chain risk, based on how risk is managed across other chains?

Join us for a panel discussion led by our consultants working across DevOps, cloud, product security and incident response (IR). They’ll provide information on how risk is introduced into environments, as well as their recommendations for securing the supply chain by addressing the inevitable risks with more effective approaches.

What you'll learn:

  • The risk-based implications of open-source development, third party-libraries and uncontrolled security plugins
  • Key cloud principles and how to better manage flaws associated with identity and access management (IdAM)
  • How to enable your developers to keep up with the changing pace of cloud environments
  • The steps you can take to reduce the risk associated with introducing new products, including third-party components 
  • The benefits of shifting your focus to behavioral analytics for detection rules
  • Mitigations for risks from each discipline area, based on real-world examples

If you have any questions or related topics you'd like us to cover, please submit them here

Speakers

Julia Ward

Julia Ward 
Head of Strategic Alliances, F-Secure Consulting

Julia is a languages graduate and found her way into the infosec world three years ago. Now a certified cyber risk management practitioner, Julia is particularly interested in the impact of cyber attacks. Most of all though, she is passionate about collaborating with others in the industry to discuss common challenges and share ideas. 

Emilian Cebuc

Emilian Cebuc
Security Consultant, F-Secure Consulting

Emilian is a cloud security consultant, who began his career in the mobile security space. He conducted projects across mobile and web application pen-testing, before discovering his interest in cloud security. Currently, he specializes in Microsoft Azure and Office 365. When not performing cloud assessments and purple team engagements with clients, he's busy either getting his next Microsoft certification or developing small Azure training environments.

Jordan Larose

Jordan La Rose
Incident Response Lead (North America), F-Secure Consulting

Jordan is a security consultant and incident response Investigator, responsible for leading IR, attack detection, and digital forensics training. He has driven penetration testing and IR services for clients worldwide, developed the 24/7 US IR consulting capability, and presented his own research across a spectrum of infosec topics.

Neil Roëbert
Security Consultant F-Secure Consulting

Neil began his career as a mobile consultant, working on projects including mobile application pen-testing, breaking IoT devices, and rooting POS devices. During this time, he also achieved certification as an Offensive Security Certified Professional (OSCP), developing a more holistic view of cyber security. This eventually led him to focus more specifically on DevOps, looking at the security of the practice in terms of the people, processes, and technology (PPT) involved.

Thierry Decroix

Thierry Decroix, Global Head of Product Security, F-Secure Consulting

Thierry is a security consultant who started assessing the security of software applications over 20 years ago. He has since gained considerable experience across many security domains, including hardware and product security.

Thierry is passionate about information security in general and product security (ProdSec) in particular. When he isn’t getting his hands dirty with research into cyber-physical systems, he’s focusing on enabling our global team of ProdSec consultants to improve the client’s security and resilience.

Watch on-demand

This event has passed. You can view the recording below.

Can't attend? Subscribe to our latest insights and upcoming events in your country.

Accreditations & Certificates

F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.

Follow us
@fsecure_consult F-Secure-Consulting f-secure-foundry fsecurelabs