Fortifying Digital Trust
Session
Thursday, November 16, 2023 11:15—12:15
Location: Sirius
Paul Fisher delves into the multifaceted approach required to foster trustworthiness within complex software supply chains. This discussion begins by delineating the critical components of software supply chains and the potential risks associated with each link—from development and deployment to maintenance and decommissioning.
Key to establishing a chain of confidence is the adoption of transparent processes and tools that provide verifiable evidence of security at each step. The audience will be introduced to Software Bill of Materials (SBOM), cryptographic signing, and continuous integration/continuous deployment (CI/CD) pipelines fortified with automated security checks.
The talk will also consider the human aspect, emphasizing the need for cultivating a culture of security awareness and collaboration among stakeholders. This includes not only developers and security professionals but also suppliers, distributors, and end-users.
Finally, the talk will provide actionable insights and strategies for organizations to audit, monitor, and continuously improve their software supply chains.
Zero trust is being embedded into law across the world, enforcing privacy, data residency and consent. How do companies and governments share patient data globally during a pandemic to measure the efficacy of a vaccine? How do financial services organisations share intelligence on suspected terrorist funding, money laundering or sanctions evasion? How is this achieved in the emerging world of data nationalism?
Developing a secure data sharing service is a complex proposition that needs to embed change into operations.
Join this session to discuss:
- Establishing a global secure data sharing service
- Real-world customer use case of the applications of Secure Data Sharing
- How to supply AI models with the data required while respecting zero trust
Security should cover more than just what we know. As a common practice, we define the scope of an assessment, including the systems, networks, applications, and data that will be assessed. Hackers, by their very nature, have no predefined scope. They often seek to exploit any entry points they can find, including those we may consider less significant or aren't even aware of yet. Unknown threats are lurking in the shadows! This talk will delve into how attack surface discovery and management contribute significantly to visibility, a pivotal foundation of effective cyber defense strategies.