Renee Murphy, principal analyst at Forrester, and Cynthia Overby, co-founder and president at KRI Security
About this talk
The hackers who infiltrated vendor SolarWind's network-performance monitoring software thoroughly compromised their target through the vendor's software supply chain.
This attack brought world-wide visibility to issues surrounding the security of software supply chains. Organizations are now requiring their software vendors to fill out long questionnaires of little value in order to meet compliance requirements that they have taken reasonable steps to ensure that they haven’t suffered a similar compromise. Software vendors in turn are requiring their subcontractors to fill out such questionnaires, and this goes on down the chain.
In this presentation we will discuss the real risks and best practices in Supply Chain Risk Management, with a key focus on mainframe software.
KRI is an experienced and versatile provider of mainframe security services and software with the intent to modernize mainframe security practices. We have the software that will provide both detection and response to critical z/OS vulnerabilities, monitor critical security parameters for deviations, as well as evaluate operational security policies for compliance..…