AFCEA Atlanta Homeland Security Session: Supply Chain Cybersecurity & Cybersecurity Maturity Model Certification (CMMC)

  • Room: Innovation Theater, Marquis Ballroom C/D
Wednesday, September 07, 2022: 11:30 AM - 12:30 PM

Speaker(s)

Moderator
Maria Horton
FedRAMP Program Manager and Cloud Strategist
EmeSec (a DecisionPoint Corporation subsidiary)
Moderator
Shivaji Sengupta
Board Member and Chair of Innovative Technology Subcommittee, AFCEA International
Founder and CEO, NXTKey Corporation
Panelist
Kevin Greene
Security Strategist
CyberRes Federal
Panelist
Paul Kinney
Chief Technical Executive - US Federal
HCL Federal
Panelist
Matt Vepraskas
Director, Procurement and Enterprise Partnerships
Leidos

Description

When folks think about cybersecurity, they most often think of securing their networks, software, and digital assets against cyber-attacks and data breaches. But the supply chain - whether a traditional manufacturer or service provider's supply chain or the "data supply chain" relied on by most companies is also vulnerable to security risks, as has been seen in a litany of major data breaches via third parties.

The concept of supply chain is associated with the ability to effectively orchestrate multiple vendors to deliver a final product or service. The complementary adoptions of low-cost interoperable technologies, alongside rapid innovations in physical and virtual systems/applications, now comprise the core risk drivers of today’s public and private sector supply chains. Every company large and small in the DIB has a place in the supply chain, and supply chains are evolving to be as much about the flow of information as they are about the flow of goods and services.

As part of this panel, we are looking to address some key concerns like:

  • Will CMMC limit the risks of the information supply chain?
  • Will CMMC protect the Cyber Supply Chain it can’t see?
  • How to address the Software Bill of Materials (SBOM) listed in the EOP? 


Tracks:


Handouts


Sponsored by:

Approved for 1 CompTIA CEU: A+, Network+, Security+, Linux+, Cloud+, PenTest+, CySA+, and CASP+; 1 GIAC CPE; and 1 CertNexus CEC for CFR