Webinar

Critical Steps for a Secure and Resilient Software Supply Chain

Apr 24 / IT GRC Forum

Securing the software supply chain has become a top priority as cyber threats increasingly target vulnerabilities across development, build pipelines, and third-party components. Organizations must adopt proactive strategies to protect their applications, maintain compliance, and preserve customer trust. In this expert-led webinar, Forrester analyst Janet Worthington shares insights on strengthening software supply chain resilience through modern security practices and real-world guidance.


This session will explore how to identify and mitigate risks such as malware, insecure dependencies, and hidden vulnerabilities within both internal development processes and third-party software. Attendees will learn proven approaches for embedding security throughout the development lifecycle, including secure coding, automated code reviews, and DevSecOps integration.


The webinar will also cover best practices for incident response and recovery, ensuring organizations can quickly detect, contain, and remediate supply chain threats. Additionally, experts will discuss how automation improves continuous monitoring, vulnerability patching, and alignment with standards like NIST and FedRAMP. Participants will gain practical strategies to evaluate and secure commercial software before adoption, helping them build a more resilient, future-ready software supply chain.

Industry Leaders

About Our Experts

Colin Whittaker

Founder & Director at Informed Risk Decisions Ltd
Colin is a leading payments security expert with extensive experience shaping global risk strategy. A former PCI SSC Board of Advisors member, he drove major security and compliance initiatives at APACS and Visa Europe. Now an independent consultant, he advises diverse organizations and frequently speaks and publishes on cybersecurity and information risk.

Janet Worthington

Senior analyst at Forrester advising security and risk professionals

Janet, Senior Analyst at Forrester, advises security and risk leaders on product security, secure development, and application security. With 25+ years in software development, security program management, and engineering leadership, she has helped global enterprises build scalable AppSec programs and strengthen collaboration across security, development, and product teams.

Paul Asadoorian

Principal Security Evangelist at Eclypsium & founder of Security Weekly
Paul is Principal Security Evangelist at Eclypsium and founder of Security Weekly. With deep experience in penetration testing, vulnerability management, Python development, and security product evaluation, he brings hands-on expertise from roles supporting universities, enterprises, and security vendors. His work continues to influence modern vulnerability and firmware security practices.

Charlie Jones

Director of Product Management at ReversingLabs
Charlie is a recognized expert in software supply chain security, digital trust, and cyber risk. With a decade of consulting experience at PwC, he has shaped cybersecurity, TPRM, and audit programs for major financial institutions. A CSO 30 Award honoree, he actively contributes to global security standards.

Tanner Boswell

Solutions Engineering Manager at OneTrust
Tanner, Solutions Engineering Manager at OneTrust, guides organizations in scaling compliance, managing risk, and strengthening governance. With expertise across privacy, security, IT, and GRC, he helps teams build trusted operations. Tanner holds degrees in Risk Management and MIS and maintains certifications including FIP, CRISC, GRC-P, CIPP/E, and CIPM.