Supply Chain Risk Management: Managing Third Party and External Dependency Risk
• Podcast
Publisher
Software Engineering Institute
Topic or Tag
Listen
Abstract
In this podcast, Matt Butkovic, the Technical Manager of CERT’s Cybersecurity Assurance Team, and John Haller, a member of Matt’s team, discuss approaches for more effectively managing supply chain risks, focusing on risks arising from "external entities that provide, sustain, or operate Information and Communications Technology (ICT) to support your organization." This is sometimes referred to as third party or external dependency risk.
About the Speaker
John Haller
John Haller is the Technical Manager of Cyber Assurance in the CERT program, at the CMU Software Engineering Institute (SEI). John is responsible for supporting a research and consulting portfolio focused on the security and resilience of the nation’s critical infrastructure, including defense assets and systems.
John has 20 years …
Read more
Matthew J. Butkovic
Matthew Butkovic is the Technical Director of the Cyber Risk and Resilience Assurance Directorate in the CERT Division of the Carnegie Mellon University Software Engineering Institute (CMU SEI).
Matt performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk. This includes addressing the …
Read more
Julia H. Allen
Julia Allen is an SEI alumni employee.
Julia Allen is a principal researcher within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Allen’s areas of interest include operational resilience, security governance, and measurement and analysis. Prior to this technical …
Read more