The industry has witnessed the most significant breaches and security incidents related to the supply chain, including SolarWinds and Log4Shell, highlighting that enterprise security teams must not overlook an organization's software supply chain. These include mishaps involving business associates, vulnerabilities, and exploits pertaining to third-party software and supply chain partners. Organizations have now established departments focused exclusively on third-party vendor risk management to assess and mitigate third-party risks. However, the big question arises: how to strengthen supply chain security and evolve a strategic approach to reduce risk.

Featured Panelist: 

• Karin Hone, Group Chief Information Security and Risk Officer, Barloworld – South Africa
• Sridhar Marupadige, Global Head of Information Security Third Party Risk Management, Novartis - India
• Leonard Ong, Regional CISO APAC, GE Healthcare - Singapore
• Chan Wai Hong Welcome, Head of Technology Risk Management, ICBC Asia (Industrial and Commercial Bank of China (Asia) Limited) - Hong Kong

The panel will discuss:

· Lessons from SolarWinds and the Log4j

· How to evaluate third-party vendors and eliminate risks by using the right tools

· Enhancing operational resilience against supply chain threats using AI, data analytics, and cybersecurity frameworks

· How to streamline software bills of materials against growing supply chain threats