Software Engineering Institute

According to the Verizon Data Breach Report, Log4j-related exploits have occurred less frequently over the past year. However, this Common Vulnerabilities and Exposures (CVE) flaw was originally documented in 2021. The threat still exists despite increased awareness. Over the past few years, the Software Engineering Institute (SEI) has developed guidance and practices to help organizations reduce threats to U.S. supply chains. In this webcast, Brett Tucker answers your enterprise risk management questions to help your organization achieve operational resilience in the cyber supply chain.

Send us your questions ahead of the webcast:

• email: info@sei.cmu.edu (Use the subject SCRM.)
• LinkedIn: #SCRMsei
• YouTube chat (available once the stream opens)

What attendees will learn:

• Enterprise risk governance and how to assess organization’s risk appetite and policy as it relates to and integrates cyber risks into a global risk portfolio
• Regulatory directives on third-party risk
• The agenda and topics to be covered in the upcoming CERT Cyber Supply Chain Risk Management Symposium in February