Thursday 8th October, 2015
11:15am to 12:00pm
IT equipment that is already in place and has known vulnerabilities.
Establishing TRUST in the purchase of new or replacement equipment to reduce the risk to national security and personal information.
The challenges facing a CIO are:
- Can’t restrict purchases to US manufacturing because ALL computer hardware is manufactured in the Far East (mostly China).
- Suppliers have to be more “transparent” with their sourcing of hardware, software and firmware.
- Suppliers have to take the lead by demonstrating the reduction of risks up front.
A CIO must focus on the internal & external windows:
Internal:
- Lock down the “Fort” and protect what is inside the “Moat”.
- Security concerns are focused on infrastructure.
- Use existing Firmware, SOC, NOC, sniffers, contractors.
- Need to quickly remediate issues found with hardware, software and firmware already in place.
External:
- What do you “Trust” that’s an add-on to the Network infrastructure?
- CIOs accept a certain level of “Risk” in their appliances.
- Affects both Hardware and Software appliances.
- Security in the Supply Chain is a critical part of Risk Management.
- The Supply Chain can react much more quickly than public sector entities; need to take advantage of this.
So what’s the answer? A look at a Supply Chain Checklist that all industry & public sector CIOs should follow.