PublicPowerX Webinar: Holistically Managing Risk and Compliance with a Supply Chain Central Library

Learn how to manage risk, automate regulatory compliance, reduce burdensome redundancies, and reduce costs by leveraging a supply chain central library.
March 3, 2022
2:00pm - 3:00pm Eastern

Recent surveys reveal that 93% of organizations have been impacted by a cybersecurity breach due to weaknesses in their supply chains. In 66% of reported incidents, attackers compromised third-party technologies.

Traditional third-party risk assessment services are a large financial undertaking for any business. Critical industries often lack budget and infrastructure to support initial vetting and continuous monitoring of their vendor network. This leaves them vulnerable to breaches. The good news is that automation and economies of scale have made well-developed risk management programs affordable and achievable for any organization that supports critical infrastructure.

Join us on March 3 at 2 p.m. Eastern to learn how to manage risk, automate regulatory compliance, reduce burdensome redundancies, and reduce costs by leveraging a supply chain central library. You’ll find out how you can manage and resolve challenges in both vendor risk and product risk disciplines, while achieving and simplifying regulatory compliance and eliminating burdensome redundancies.

Topics covered:

  • Using and managing validated product assessments at scale to provide visibility to vulnerabilities, patch history, and security controls
  • Automating compliance management and audit preparation to enable effective documentation to regulatory standards such as NERC CIP, NDAA and CMMC
  • Gaining visibility to and documenting insights into the geopolitical relationships of vendors, their products, and their fourth-party suppliers
  • Using data-driven risk ranking to determine the criticality and cyber maturity of supplier assets to quickly prioritize vendors into tiers
  • When and where to apply software and hardware (bill of materials) analyses to uncover open-source vulnerabilities, outdated components, and any component-level exposure to foreign ownership control or influence (FOCI) risk
  • When and where to apply continuous monitoring of active vendors and cyber assets in a technology ecosystem


Tobias Whitney, VP of Strategy & Policy at Fortress Information Security

Who Should Attend

General managers/CEOs, security & compliance officers, risk professionals, procurement professionals, and engineering & operations professionals interested in third-party risk management.


This webinar is free to APPA members. Nonmembers can attend for $225.

Can't participate in the live webinar? Register anyway to access the recording!

Following the webinar, we’ll email you a link to the presentation and webinar recording to view at your convenience.

Register Today.

You will need web credentials to register. If you do not have them, please create them before you register.


This is a sponsored educational opportunity