Onspring | Automating Risk Assessment for Enhanced Protection - Home
Register    ➤

Hero

Onspring | Automating Risk Assessment for Enhanced Protection

Header and Body

Tune in on July 30, 2024 at 2:00PM EST

In an era where cybersecurity threats continuously evolve, proactive third-party risk management is crucial for safeguarding organizational integrity and protecting the supply chain. Understanding the security scores of third-party organizations enables agencies to better anticipate potential vulnerabilities and mitigate risks effectively. How can automating risk assessment processes enhance efficiency and foster collaboration between cybersecurity and risk management teams? Join us as we delve into strategies for creating a seamless, collaborative environment between these critical functions, emphasizing the importance of cybersecurity in managing risk across the supply chain.

Speakers

Rebecca McWhite

Technical Lead for Cybersecurity Supply Chain Risk Management (C-SCRM)

Computer Security Division of the Information Technology Laboratory at the National Institute of Standards and Technology (NIST)

Read More

Rebecca McWhite

Technical Lead for Cybersecurity Supply Chain Risk Management (C-SCRM)

Computer Security Division of the Information Technology Laboratory at the National Institute of Standards and Technology (NIST)

Rebecca McWhite is the Technical Lead for Cybersecurity Supply Chain Risk Management (C-SCRM) in the Computer Security Division of the Information Technology Laboratory at the National Institute of Standards and Technology (NIST). In this role, she provides multifaceted technical subject matter expertise on C-SCRM for NIST guidance and publications, as well as coordinates NIST’s C-SCRM community outreach efforts. She also serves as the NIST Staff Lead for the interagency Federal Acquisition Security Council.

Prior to joining NIST, Rebecca led the operational SCRM program in the Defense Information Systems Agency’s Threat Mitigation Division, where she was responsible for strategic leadership and oversight of all Information Communications and Technology (ICT)-SCRM activities. Her portfolio included due diligence reporting on mission-critical ICT products and suppliers, extensible Bill of Materials (xBOM) mitigation via counterfeit detection efforts, and predictive software bill of materials (SBOM) analysis. She also previously served as the SCRM Director of Operations, managing the timely and effective coordination of daily department workflow activities from end to end.

Before joining the federal government, Rebecca was a senior analyst at the Defense Intelligence
Agency’s SCRM Program Office and Asia-Pacific Regional Center, as well as an open-source research subject matter expert at Department of Homeland Security (DHS) Customs and Border Protection. She also served as a visa security and counterterrorism specialist at DHS Immigration and Customs Enforcement. Rebecca received a bachelor’s degree in East Asian Studies from the Johns Hopkins University and a master’s degree in Strategic Intelligence from the Institute of World Politics.

Brett Sommers

Director of Products, GRC

Onspring

Read More

Brett Sommers

Director of Products, GRC

Onspring

Brett Sommers is the Director of Products, GRC at Onspring. Prior to joining Onspring, Brett served in various roles at Crowe LLP, a consulting and technology firm, with a heavy focus on GRC best practices. Brett also held leadership roles in GRC Equifax and SecureWorks. When Brett is not enmeshed in all things GRC, he can be found running through the woods, on the soccer field, or playing with his children.

Promo Image