CISOs, Application Security, and DevSecOps teams realize the need to quickly step-up software supply chain security with increased attacks and impending regulations as drivers. Security teams may vary widely in terms of their program maturity, but they can all accelerate their maturity with the help of new tools and processes provided they are easy to implement, achieve broad adoption, and super-charge their productivity. Modern security solutions also need to keep pace with the speed of their development team’s software releases, while protecting the business from software supply chain attacks.
Join Ricardo Lafosse, CISO of Kraft Heinz for an in-depth conversation on how his team adopted a modern software supply chain security approach that:
- Hardened SDLC systems and continually provides real-time visibility across their SDLC
- Gained quick adoption by the cross-functional teams that operationalize their use
- Accelerated the maturity of their overall application security program
Lee Neely – Information Assurance APL, LLNL
Lee Neely is a senior IT and security professional at LLNL with over 30 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, GPYC, GEVA, CISSP, CISA, CISM and CRISC. He is a current ISSA International Board Member and former ISSA International Director, Member of the SANS NewsBites Editorial Board, SANS Analyst, and Security Weekly podcast host. You can keep up with Lee @lelandneely
Ricardo Lafosse – Chief Information Security Officer, Kraft Heinz
Ricardo Lafosse is chief information security officer for Kraft Heinz. Lafosse is responsible for IT risk governance, OT security, incident management, technical disaster recovery, and determining enterprise-wide security policies and procedures. Lafosse regularly presents on security topics at global conferences, including MirCon, ISACA CACS and Secure World.
Prior to his current role, Lafosse was chief information security officer for Morningstar, where he was responsible for providing strategic information security leadership, implementation and governance for the Information Security Program.
Lafosse has more than 18 years of experience in information security for the government, banking, legal, healthcare and education sectors. Lafosse began his career in information security consulting in finance.
Lafosse holds a Master’s in Information Assurance from Iowa State University. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) designations.
Liav Caspi – CTO and Co-Founder, Legit Security
Liav Caspi is CTO of Legit Security and has a long background as a cyber-security expert starting in the Israeli unit of 8200 in various engineering, team lead, and project management roles. In previous roles, Liav worked at Argus Cyber Security building security into automotive-oriented software. He then joined an early-stage startup that was acquired by Checkmarx and led the architecture and the product management of the SCA solution – the first SaaS solution by Checkmarx dealing with open source security. In his free time, Liav enjoys technology, traveling, food, and learning new languages.
Alex Babar – Director of Product Marketing, Legit Security
Alex Babar is the Director of Product Marketing at Legit Security. Previously, Alex held various product marketing and product management roles in the identity and access management security space with Ping Identity. In his free time, Alex is an avid tennis player, automotive enthusiast, and aspiring home cook.
ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.