The CISO Stories Podcast Subscribe

Supply chain, DevSecOps

A Printout on Secure by Design When Utilizing 3rd Parties – Bryan Willett – CSP #164

March 5, 2024

Full Audio

View Show Index

Segments

1. A Printout on Secure by Design When Utilizing 3rd Parties – Bryan Willett – CSP #164

With CISA just putting out new “secure by design” guidance, Lexmark CISO Bryan Willett pulls the curtain back on the curtain back on how Lexmark is approaching secure-by-design in its products Lexmark is at the forefront of secure by design as their products constantly touch highly confidential information in regulated industries, along with an established security record validated by IDC, Quocirca, and Bitsight. Bryan talks about the impact of secure by design on hardware manufacturers; the steps his company has taken to secure its products, monitor suppliers, and push updates; and his thoughts on the CISA guidance.

This segment is sponsored by VISO TRUST. Visit https://cisostoriespodcast.com/visotrust to learn more about them!

Sponsored By

VISO TRUST

Guest

Bryan Willett

Chief Information Security Officer at Lexmark

Bryan Willett is the Chief Information Security Officer (CISO) at Lexmark. Under his tenure, Lexmark has made significant investments in security infrastructure, monitoring and operations across all business areas including IT, supply chain, shared services and R&D. These investments are focused on reducing Lexmark’s overall security risks and complying with regulatory requirements. Willett has a Bachelor’s Degree in Electrical Engineering from the University of Louisville.

Host

Todd Fitzgerald

VP, Cybersecurity Strategy, Cybersecurity Collaborative at CyberRisk Alliance

http://cyberleadersunite.com/

Todd Fitzgerald promotes CISO/CPO leadership via the SCMedia CISO STORIES weekly podcast, advisory board participation, and international speaking engagements. Todd serves as VP, Cybersecurity Strategy, Cybersecurity Collaborative. Todd authored 5 books, including #1 New Release (2024) Privacy Leader Compass: A Comprehensive Roadmap for Building and Leading Practical Privacy Programs, and #1 Best-selling (2019-2023) and 2020 CANON Cybersecurity Hall of Fame book, CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. Named 2016–17 Chicago CISO of the Year, Todd’s senior leadership positions include Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, Wellpoint/National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.

Related

Air Gapped! The Myth of Securing OT – Thomas Johnson – CSP #172

April 30, 2024

The terminology of ICS has morphed into OT (Operational Technology) security; however many organizations are lacking in addressing the OT security controls. As some companies talk about air gapping as the primary method of securing OT, the reality is many times true air gapping does not exist. Join us as we discuss why these gaps occur and what nee...

Application security

Random Problems, Protecting Packages, and Vulns in Designs, Defaults & Data Leaks – ASW #283

April 29, 2024

Misusing random numbers, protecting platforms for code repos and package repos, vulns that teach us about designs and defaults, and more!

Application security

Why Companies Continue to Struggle with Supply Chain Security – Melinda Marks – ASW #283

April 29, 2024

Companies deploy tools (usually lots of tools) to address different threats to supply chain security. Melinda Marks shares some of the chaos those companies still face when trying to prioritize investments, measure risk, and scale their solutions to keep pace with their development. Not only are companies still figuring out supply chain, but now th...