A conversation with:

Jon Check

Senior Director, Cyber Protection Solutions

Cybersecurity and Special Missions

Raytheon Intelligence, Information, and Services

Joyce Corell

Assistant Director, Supply Chain and Cyber Directorate,

National Counterintelligence and Security Center

Office of the Director of National Intelligence

John Costello

Senior Advisor to the Director, Cybersecurity and Infrastructure Security Agency

US Department of Homeland Security

Beau Woods (moderator)

Cyber Safety Innovation Fellow

Scowcroft Center for Strategy and Security

Atlantic Council

Software supply chain attacks have caused some of the most damaging cyber incidents in history, including the 2017 NotPetya malware incident. As malicious actors move away from traditional phishing and ransomware attacks in favor of intrusion via the supply chain, the risk to all industries and sectors – from oil and gas utilities to election infrastructure – becomes more pronounced. The response? Resiliency and supply chain visibility—such as knowing the origin and composition of your software and hardware components, and the resilience and dependability of your vendors—are essential to managing supply chain risks.

Supply chains are only as strong as their weakest link. National security and critical infrastructure increasingly depend on internet-connected systems. While extensive supply chains can increase capabilities and decrease costs, they can also increase the potential attack surface and exposure to adversaries, especially for small and medium-size businesses. Please join us for a discussion on how organizations can establish and maintain supply chain visibility, not only for security but also for regulatory compliance. This Cyber Risk Wednesday will be a dynamic and solution-oriented discussion on the role of information sharing and education in mitigating supply chain risks, and whether a strong government response can deter attacks.

On Twitter? Follow @CyberStatecraft and use #CyberRiskWednesday