From a Cyber Security Perspective – A CIO must look at risk management. Two issues that need to be addressed in parallel:

A session at Triangle InfoSeCon

Thursday 8th October, 2015

11:15am to 12:00pm (EST)

The IT Equipment that is already in place that has known vulnerabilities.
Establishing TRUST in the purchase of new or replacement equipment to reduce the risk to national security and personal information.
The Challenges facing a CIO are:

Can’t restrict purchases to US manufacturing because ALL computer hardware is manufactured in the Far East (mostly China)
Suppliers have to be more “transparent” with their sourcing of hardware, software and firmware
Suppliers have to take lead by demonstrating the reduction of risks up front.
A CIO must focus on the internal & external windows:

Internal:  - Lock down the “Fort” and protect what is inside the “Moat”.
- Security concerns are focused on infrastructure.
- Use existing Firmware, SOC, NOC, sniffers, contractors.
- Need to quickly remediate issue found with hardware, software and firmware already in place.
External:  - What do you “Trust” that’s an add-on to the Network infrastructure.
- CIO’s accept a certain level of “Risk” in their appliances.
- Affects both Hardware and Software appliances.
- Security in the Supply Chain is a critical part of Risk Management
- The Supply Chain can react much more quickly than public sector entities – need to take advantage of this.
So what’s the answer? – a look at a Supply Chain Checklist that all industry & public sector CIO’s should follow.

About the speaker

This person is speaking at this event.
Jerry Fralick

Chief Security Officer, Think Business Group at Lenovo bio from LinkedIn

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 11:15am12:00pm EST

Date Thu 8th October 2015

Short URL


Official event site


View the schedule


See something wrong?

Report an issue with this session