Webinar Recording

Protecting the Business From Software Supply Chain Threats

Posted on Apr 08, 2022 by Mike Small

Recent events such as the SolarWinds and Kaseya compromises by malicious actors have demonstrated the need to focus significantly more on software supply chain security. According to a report from ENISA, supply chain attacks are increasing, with 66% of attacks focusing on source code and 62% exploiting customer trust in suppliers. This is a risk organizations can’t afford to ignore.

Show description

Presentation Mike Small

Presentation Richard Archdeacon

Speakers

Advisory CISO
Duo Security

Richard Archdeacon

Richard is the Advisory CISO for the EMEA region. He was previously with DXC - HPE - where he was a Chief Technologist in the Security Practice working with clients across all industries and regions. Prior to that, he worked for Symantec for many years. He has also held posts with security...

View profile

Senior Analyst
KuppingerCole

Mike Small

Mike Small is the retired director of security management strategy of CA, where he was responsible for the technical strategy for CA's security management software product line within Europe, Middle East and Africa. Mike did work for CA between 1994 and 2009, where he developed CA’s...

View profile

Lead Sponsor

Playlist

KuppingerCole Webinars

Webinar Recording

Implementing Zero Trust With Privileged Access Management Platforms

There is no debate about the fact that ransomware is the fastest-growing kind of cybercrime. Due to their wide range of access rights and thus potential ransom leverage, privileged accounts are at the top of the target list for cybercriminals. Therefore, organizations need to pay special attention to securing these kinds of accounts.

Watch

Webinar Recording

Effective Cyber Risk Quantification Through Automation

Continual high-profile cyber incidents demonstrate beyond a doubt that cyber risks exist, but most organizations struggle to quantify cyber risk in a useful way. There is an urgent need for IT security leaders to find a common way to express cyber risk in monetary terms, that business leaders understand to enable effective risk management and security investment.

Watch

Webinar Recording

Debunking Common Myths about XDR

Cyber attacks are continually evolving and so are cyber defense technologies. In a few decades we have moved from anti-virus protection through an alphabet soup of acronyms, including EPP, EDR, EPDR, NDR, CWPP, SIEM, SOAR, and now XDR. It is therefore important for businesses to get a good understanding what combination of defense technologies to choose and why.

Watch

Webinar Recording

Cybersecurity-Teams mit Managed Detection Response stärken

Organisationen, die die Digitalisierung ihrer Businessprozesse versäumen, werden es in naher Zukunft schwer haben, wettbewerbsfähig zu bleiben. Mit zunehmender Digitalisierung steigen aber auch die Cyberrisiken, weil die Verlagerung von Dienstleistungen in die Cloud und die zunehmende Unterstützung von mobilem und dezentralem Arbeiten die Bedrohungsflächen rapide vergrößert. IT-Sicherheitsteams haben nicht zuletzt wegen geringer Budgets und mangelndem Know-How Mühe, Bedrohungen zu erkennen, darauf zu reagieren und sie einzudämmen, zumal diese zunehmend von staatlicher Seite ausgehen und mit Lieferketten zusammenhängen.

Watch

Webinar Recording

Secure DevOps: Key to Software Supply Chain Security

In the modern world of flexible and remote working, it is useful for software engineers to be able to access and update source code from anywhere using any device, but the SolarWinds supply chain attack showed that it is essential to track every change for security and compliance reasons.

Watch

Webinar Recording

A DevSecOps Maturity Model for Secrets Management

Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not following traditional paths of identity management.

Watch

Webinar Recording

Implementing Modern and Future-Proof PAM Solutions

Privilege Access Management (PAM) is changing, driven by the move of most businesses from on-prem IT applications and infrastructure to the cloud, resulting in a multi-could, multi-hybrid IT environment. This has resulted in a proliferation of privileged identities that need to be managed.

Watch

Webinar Recording

IAM Projects Done Right

Delivering effective IAM is not always easy, and around half of IAM projects run into difficulties and stall. While opting for IAM that is delivered as a service is a potential solution, not all offerings are equal. Finding a service with the right combination of well-integrated capabilities is crucial to success.

Watch

Webinar Recording

Making Zero Trust a Reality: Basing Decisions on Valid Identity Data

Cloud computing and mobile workforces have resulted in an expanding attack surface and a complex web of identify information. This means that traditional perimeter-based security models are no longer effective. A Zero Trust model of strict access control for every user and device enables businesses to be connected and secure, but an effective identity-focused approach is essential.

Watch

Webinar Recording

Why Architects Should Rethink Authorizations

In the digital era, organizations are increasingly interacting online with contractors, partners, and customers. Traditional role-based authorization frameworks are not designed to provide these external identities with the right access to resources, services, and apps. A new approach is required.

Watch