Guest: Cassie Crossley, VP, Supply Chain Security, Schneider Electric [@SchneiderElec]
On LinkedIn | https://www.linkedin.com/in/cassiecrossley/
On Twitter | https://twitter.com/Cassie_Crossley
On Mastodon | https://mastodon.social/@Cassie_Crossley
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
View This Show's Sponsors
___________________________
Episode Notes
In this episode of the Redefining CyberSecurity Podcast, host Sean Martin chats with Cassie Crossley, Vice President for Supply Chain Security at Schneider Electric, and author of the book "Software Supply Chain Security". Crossley emphasizes the need for increased awareness and understanding of software supply chain security, not just among technology companies but also in the broader business sector including procurement, legal, and MBA graduates.
Crossley highlights the intricate complexities involved in securing IT, OT and IoT ecosystems. These include dealing with decades-old equipment that can't easily be upgraded, and accounting for the constantly evolving nature of cybersecurity threats, which she likens to a 'Wild West' environment.
Crossley brings attention to the importance of businesses understanding the risks and impacts associated with cyber vulnerabilities in their supply chain. She touches on the potential vulnerabilities of pre-installed apps on iPhones, the need for more memory-safe languages, and the complexities of patch management in OT environments.
Additionally, Crossley talks about the potential for cyber disasters and the importance of robust disaster recovery processes. Discussing the EU Cyber Resilience Act, she raises an important issue about the lifespan of tech devices and the potential impact on the security status of older devices.
To help businesses navigate these challenges, Crossley’s book provides a holistic overview of securing end-to-end supply chains for software, hardware, firmware, and hardware; it is designed to serve as a practical guide for anyone from app developers to procurement professionals. She aims to enlighten and equip businesses to proactively address supply chain security, rather than treating it as an afterthought.
Key Questions Addressed:
- What is the importance of software supply chain security in businesses?
- What are the challenges presented by OT environments when implementing cybersecurity measures?
- How can businesses proactively navigate these challenges and strengthen their supply chain security?
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:
📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
___________________________
Resources
Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware (Book): https://amzn.to/47m6gIg
___________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring this show with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc