A recent wave of high-profile cyber-attacks on critical national infrastructure organisations has seen supply chain risk escalated to the forefront of governmental agendas. On both sides of the Atlantic, governments are strengthening supply chain management through legislative and non-legislative means to address one of the fastest-growing threats to global security and prosperity.
Join us for the latest in a series of thought leadership discussions hosted by the Transatlantic Cybersecurity Business Network in which a high-profile panel of subject matter experts from government and industry in the US and UK will discuss the critical issue of supply chain cyber risk.
Jon Boyens – Deputy Chief, Computer Security Division, NIST, U.S. Government
Irfan Hemani – Deputy Director for Cyber Security, DCMS, UK Government
Haydn Brooks – CEO, Risk Ledger Ltd
Andy Watkin-Child – Founder, Parava Solutions and CMMC-Europe
Keith Driver – CTO Cyber, Raytheon UK
About the Speakers
Jon Boyens is the Deputy Chief of the Computer Security Division in the Information Technology Laboratory at the National Institute of Standards and Technology (NIST). His responsibilities include Cybersecurity Research and Development at NIST and Cybersecurity Standards and Guidelines for Federal Agency Security Programs. He also leads NIST’s Cyber Supply Chain Risk Management (C-SCRM) Program, helps develop and coordinate the Department of Commerce’s cybersecurity policy among the Department’s bureaus, and represents the Department in the Administration’s interagency cybersecurity policy process. Boyens has worked on various White House-led initiatives, including those on trusted identities, botnets, the Cybersecurity Framework and Roadmap, telecommunications supply chain, software supply chain, and government-wide implementation of the Federal Acquisition Supply Chain Security Act, serving as NIST’s principal to the Federal Acquisition Security Council.
Since 2010, Boyens has conducted research to identify, evaluate and develop technologies, tools, techniques, practices, and standards needed to enable organizations to manage supply chain risk. Building on this research, he led a team to develop and issue a set of foundational, standardized, repeatable, and feasible practices to help organizations manage cyber supply chain risks to their organizations and systems. These practices were released in 2015 as NIST Special Publication 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations. Continuing on this line, Boyens has since released research and findings on criticality analysis, industry key practices for Cyber SCRM, supplier interdependency and impact analysis, and is currently in the process of updating SP 800-161.
Irfan Hemani is Deputy Director for Cyber Security, DCMS, UK Government. He is responsible for Cyber Resilience Policy for the UK’s wider economy and society, Analysis and Evidence gathering, along with the International and Strategy teams. He is also the author of the Harvard Belfer Center’s National Cyber Power Index, alongside being a non-executive Director at a UK non-profit organisation focusing on Health and Mental Wellbeing in local communities. He also previously worked in Deloitte’s Technology Risk Advisory team.
Haydn Brooks is the CEO of Risk Ledger. Risk Ledger’s technology combines a security governance platform with a secure social network. It helps organisations significantly reduce the cost of running a supply chain security programme whilst collecting better quality and more actionable data on their suppliers. Previously, at KPMG and Deloitte, Haydn developed cyber security expertise with a particular specialty in supply chain security. As an in-house expert on supply chain security, Haydn identified the need for supply chain security to work better for all parties involved. Since co-founding Risk Ledger, he has led the growth of the company into one of the leading British cyber security start-ups, securing clients like BAE AI, NHS Test and Trace and Schroder’s Personal Wealth while winning innovation competitions run by the UK’s National Cyber Security Centre, TechUK, and Spain’s South Summit.
Andy Watkin-Child is a technology, risk and security executive with over 20 years’ experience as Group VP cyber risk, Chief Information Security Officer (CISO), Head of IT and European head of cyber and risk. He is a founding partner of Parava Security Solutions, a member of the CMMC AB Standards Working group, a member of the Advisory Board of the Cybersecurity Maturity Model – Center of Excellence (CMMC-CoE) and founder of CMMC Europe. Andy has built and grown global 1st and 2nd Lines of Defence functions for cyber security and risk management for international organisations including Grupo Santander, Mizuho Corporate Bank, Penguin Random House and Rolls-Royce plc. He is a Chartered Security Professional (CSyP) and Chartered Engineer (CEng), a member of the Register of Chartered Security Professionals and a member of the Board of the Security Institute (MSyI), as well as a Practicing Associate of the Academy of Experts (TAE) and counsel appointed witness in cyber and risk. He is also a freeman of the Worshipful Company of Security Professionals (WCoSP).
Keith Driver joined Raytheon UK as CTO Cyber in 2015. He has a distinguished career in the telecommunications and security industry as a technology leader and board member in a variety of SME and large organisations, delivering growth and technical advantage through strategy definition and innovation. He has worked extensively with commercial, defence and government sector customers globally. In 2019 Keith also joined the board of Titania, a cybersecurity product company in Worcester UK, as CTO.
Please register for this event here.
A specialist management consultancy practice that helps cyber business leaders understand and engage in the transatlantic cyber security market.
Plexal is an innovation centre and coworking space that specialises in building collaborative communities.
Its innovation team are leaders in building expansive ecosystems across government, industry, academia, investors, and SMBs to tackle some of the biggest challenges facing society and the economy. Since 2018, Plexal has played a central role in the delivery of the UK’s National Cyber Security Strategy through its leadership of LORCA, Europe’s largest cyber innovation programme.
Political Intelligence is a leading strategic communications consultancy in the technology sector. In addition to providing government relations and media support to help clients achieve their business objectives, it also manages well-established industry bodies such as The Internet Service Providers Association, The HealthTech Alliance, Comms Council UK and Insurtech UK.