The NICE Symposium: A Coordinated Approach to Supply Chain Risks was a half-day virtual symposium that served as a precursor to the annual NICE Conference in June 2022.
In light of dramatic events and emerging threats, experts came together on Tuesday, November 16 to discuss the role of the cybersecurity workforce and the need for a coordinated response to strengthen the supply chain.
Panel 1: Risk and Policy Considerations for Securing Cyberspace and Critical Infrastructure
The Executive Order on Improving the Nation’s Cybersecurity indicates “that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.” This panel discussion will explore cybersecurity in the context of enterprise risk management, as well as emerging policies and practices that are needed to drive improvements in both the public and private sectors. Panelists will also discuss the competencies, work roles, education, and training that will be needed to support the envisioned security improvements.
Panelists:
- Amanda Craig, Director, Cybersecurity Policy Digital Diplomacy, Microsoft
- Julie Anne Chua, Director, Governance, Risk Management, and Compliance Division, U.S. Department of Health and Human Services
- Kevin Stine, Chief Cybersecurity Advisor, National Institute of Standards and Technology (NIST), U.S. Department of Commerce
- Moderator: Mark Montgomery, Senior Fellow at Foundation for Defense of Democracies and Senior Advisor, Cyberspace Solarium Commission
Panel 2: Enhancing Software and Technology Supply Chain Security
The prevention of cybersecurity events begins with the secure design and development of software and infrastructure that are securely operated and maintained. This panel discussion will describe what is necessary to create organizational cultures and systems that support built-in security in software development operations (DevSecOps). The panel will also introduce preliminary guidelines for enhancing software supply chain security and explore education and training options that can cultivate talented practitioners who improve the security and integrity of the software and technology supply chain.
Panelists:
- Jermaine Roebuck, Deputy Associate Director of Threat Hunting, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security
- Dr. David A. Wheeler, Director of Open Source Supply Chain Security, Linux Foundation
- Dr. Carol Woody, Technical Manager, Software Engineering Institute, Carnegie Mellon University
- Moderator: Dr. Raquel Hill, Chair of the Computer and Information Sciences Department, Spelman College