Supply chain issues are the current rage, but there hasn’t been much conversation about the obligation to protect against a misbehaving supplier. Is there an obligation to require that a vendor’s development and delivery environment be secure? Can organizations depend on that contractual obligation or is this a trust but verify situation? Is it possible to be found negligent because of too much trust? 

RSA® Conference, the world’s leading information security conferences and expositions, today concluded its 31st annual event at the Moscone Center in San Francisco. The year’s event attracted over 26,000 attendees, including 600+ speakers, 400+ exhibitors, and over 400 members of the media. Throughout the week, attendees networked on the expo floor and participated in keynote presentations, track sessions, tutorials, seminars, and special events.

Several of the most pressing topics discussed during this year’s Conference included issues surrounding privacy and surveillance, the positive and negative impacts of machine learning and artificial intelligence, the nuances of risk and policy, and cybersecurity-focused innovations across crypto and blockchain.

Are You Sure You’re Doing That Right? A Mock Hearing

Conference: RSA Conference 2022

Abstract

Post a comment

Related work

SLSA FRSCA Recipe For Secure Supply Chain

Addressing Cybersecurity Challenges in Open Source Software

Spicing up Container Image Security with SLSA & GUAC

Your Car is My Car

Keynote: Supply Chain Infections and the Future of Contactless Deliveries

Software supply chain safety: lessons from the industrial revolution