The same principle also applies to other instances of interconnectivity, such as mergers, acquisitions, and strategic alliances. Organizations that are more interconnected, such as those at the top of long supply chains or with many subsidiaries, will naturally develop greater risk exposure. This raises the question of whether we can reasonably expect security teams to manage the security of their suppliers by proxy, with limited visibility and control. Is there a better way of thinking about supply chain risk, based on how risk is managed across other chains?
Join us for a panel discussion led by our consultants working across DevOps, cloud, product security and incident response (IR). They’ll provide information on how risk is introduced into environments, as well as their recommendations for securing the supply chain by addressing the inevitable risks with more effective approaches.
What you'll learn:
If you have any questions or related topics you'd like us to cover, please submit them here.
Head of Strategic Alliances, F-Secure Consulting
Julia is a languages graduate and found her way into the infosec world three years ago. Now a certified cyber risk management practitioner, Julia is particularly interested in the impact of cyber attacks. Most of all though, she is passionate about collaborating with others in the industry to discuss common challenges and share ideas.
Security Consultant, F-Secure Consulting
Emilian is a cloud security consultant, who began his career in the mobile security space. He conducted projects across mobile and web application pen-testing, before discovering his interest in cloud security. Currently, he specializes in Microsoft Azure and Office 365. When not performing cloud assessments and purple team engagements with clients, he's busy either getting his next Microsoft certification or developing small Azure training environments.
Jordan La Rose
Incident Response Lead (North America), F-Secure Consulting
Jordan is a security consultant and incident response Investigator, responsible for leading IR, attack detection, and digital forensics training. He has driven penetration testing and IR services for clients worldwide, developed the 24/7 US IR consulting capability, and presented his own research across a spectrum of infosec topics.
Security Consultant F-Secure Consulting
Neil began his career as a mobile consultant, working on projects including mobile application pen-testing, breaking IoT devices, and rooting POS devices. During this time, he also achieved certification as an Offensive Security Certified Professional (OSCP), developing a more holistic view of cyber security. This eventually led him to focus more specifically on DevOps, looking at the security of the practice in terms of the people, processes, and technology (PPT) involved.
Thierry Decroix, Global Head of Product Security, F-Secure Consulting
Thierry is a security consultant who started assessing the security of software applications over 20 years ago. He has since gained considerable experience across many security domains, including hardware and product security.
Thierry is passionate about information security in general and product security (ProdSec) in particular. When he isn’t getting his hands dirty with research into cyber-physical systems, he’s focusing on enabling our global team of ProdSec consultants to improve the client’s security and resilience.