In today’s digitally connected world, organizations must work with multiple partners across their lines of businesses. As these partners are allowed to connect into the parent networks, the risk of propagating a vulnerability from a partner into parent networks increases. Cybercriminals are looking to exploit the holes in the partner and supply chain networks to steal corporate information and valuable data from parent networks. As these targeted attacks can be a substantial risk to organizations along the breadth of the supply chain, software security experts have been working to find a more permanent way to ensure the integrity of the software supply chain. In this presentation, Cenzic’s CEO John Weinschenk will discuss the software supply chain domain, and the potential checks and balances that could enable companies to ensure the “chain of custody” as the applications connect across multiple networks. John will discuss methods for securing code as it is passed between organizations, and methods for improving the software development process so that vulnerabilities are less likely to be introduced. In addition, John will also discuss methods that enterprises can use to scan and test both in-house and off-the-shelf applications to ensure the security of new software and equipment, no matter what its source. He will also offer some tips on how to screen new technologies and applications for potential security vulnerabilities – no matter where they were written or manufactured.
Bio:
John Weinschenk is a technology executive who has led several companies to unprecedented success. John's career is marked by an unusually broad background in both engineering and business. John has led technical groups in key security and enterprise software firms, and has brought his in-depth understanding of the latest technologies, market dynamics, and business models to leadership roles in business-strategy and marketing divisions at leading corporations. He brings a unique and rich experience to his role in leading Cenzic from technology innovator to market leader. Prior to joining Cenzic, John was the Vice President of the Enterprise Services Group at VeriSign, the largest provider of digital trust services in the world. In that role, he held worldwide responsibility for marketing VeriSign's authentication, digital trust, and wireless services to Global 1000 companies. He forged several alliances with strategic partners, including IBM, where he drove the effort to embed VeriSign's public key infrastructure (PKI) technology in network access devices. During his two-year tenure at VeriSign, he led his division to double-digit revenue growth. Before VeriSign, he served as CEO at TransIndigo. While growing that company from six to more than 50 employees, he shaped it into one of the leading developers of real-time transactional authority, and then oversaw the successful acquisition of the company by RSA. Prior to that, John established numerous pivotal business deals and relationships while holding various executive positions at Entegrity Solutions, including VP of Business Development and Alliances, VP of Product Operations, and VP of Worldwide Marketing. John was also the Director of Business Strategy at HAL Computer Systems, which was acquired by Fujitsu in 1993. Before that, John was Director of Engineering in Unisys Corporation's $1.4 billion Client/Server Systems group.