Abstract Details


10/13/2015  |   10:45 AM - 11:30 AM   |  Pacific II

The Cyber Supply Chain: Strategies for Managing the Risks and Challenges

Counterfeits, malware, backdoors, and suspect code in software are threatening national security, industry, and critical infrastructure. Cyber is at the heart of everyday operational activities and Information Communications and Technology (ICT) assets. Attendees will gain a broad understanding of the Cyber Supply Chain Risk Management (SCRM) discipline, its best practices and tools, the challenges faced when acquiring, managing, and sustaining organizational ICT systems, and why it has become an operational and national strategic priority. It is recognized as a core component of our integrated military and government systems, as well as the Defense Industrial Base (DIB) and the Nation’s Critical Infrastructure. Attendees will gain a clearer understanding of the cyber supply chain’s global dependencies and what is needed to deliver reliable and secure technology to their commercial organization or government agency. Upon completion of this session, government and industry leaders will be better positioned to recognize and mitigate cyber supply chain risks, to understand the complexity of and related supply chain threats to their trusted systems, and to recognize the various roles, responsibilities, and actions of cyber supply chain participants.
Participants will be exposed to:

  • Possible scenarios that clearly depict the dangers presently found in the cyber supply chain
  • 3 incidents affecting the military weapons system ICT supply chain
  • A fascinating Government Accountability Office report on the extent of counterfeits in the Cyber Supply Chain
  • How inroads are being made into critical infrastructure (hardware & software) in the SmartGrid and Automatic Metering Infrastructure
  • The effect Supply Chain Risk Management (SCRM) will have on the cost, schedule & performance of future ICT systems
  • How conducting a Criticality Analysis can help focus your attention and resources accurately
  • How having a Program Protection Plan can provide a level of assurance across a number of systems
  • A huge resource that specifies Common Weaknesses in Software, Common Vulnerabilities, and Common Attack Patterns. The vulnerabilities, weaknesses, and attacks are all described in detail, and exact patches and countermeasures are offered.
  • How to answer the question, “which of my systems are the most vulnerable, new or legacy?”

Cyber Supply Chain Risk Management (Cyber SCRM) occurs at the intersection of three distinct disciplines: Acquisition, Logistics, and Risk Management. Professionals operating in this niche area require a broad educational and experiential background.

  • Cyber Supply Chain


Russell Mattern (Primary Presenter), National Defense University, matternr@ndu.edu;
Dr. Russell Mattern, a Professor of Systems Management at the National Defense University iCollege since 2002, runs two graduate-level courses: Strategies for Assuring Cyber Supply Chain Security, a Supply Chain Risk Management (SCRM) course, and Strategic Information Technology Acquisition. Dr. Mattern served 26 years in the US Air Force, retiring as a Colonel. He holds BS and MS degrees in Computer Science as well as MS degrees in other areas. He earned a Doctor of Optometry degree at Ohio State University and has been a licensed, practicing Optometrist since 1980.

Michael Donohoe (Co-Presenter), University of Pittsburgh, Katz School of Business, donohoem@pitt.edu;
Dr. Michael J. Donohoe is an information technology professional with 35 years in various senior business, military, and academic positions. As a faculty member at the Joseph M. Katz School of Business, University of Pittsburgh, Professor Donohoe teaches undergraduate, graduate, and executive management business courses in Information Systems, Operations Management, IT Project Management, Supply Chain Management, and Executive-Level Cyber Security Management. He is a visiting professor to the Katz Global Executive MBA schools (Brazil and Czech Republic). Dr. Donohoe previously held a faculty position at The National Defense University, iCollege, educating both military and government leaders in information technology optimization.

2013 Sponsors: IEEE and IEEE Computer Society