The CISO Stories PodcastSubscribe
Supply chain, DevSecOps

A Printout on Secure by Design When Utilizing 3rd Parties – Bryan Willett – CSP #164

With CISA just putting out new “secure by design” guidance, Lexmark CISO Bryan Willett pulls the curtain back on the curtain back on how Lexmark is approaching secure-by-design in its products Lexmark is at the forefront of secure by design as their products constantly touch highly confidential information in regulated industries, along with an established security record validated by IDC, Quocirca, and Bitsight. Bryan talks about the impact of secure by design on hardware manufacturers; the steps his company has taken to secure its products, monitor suppliers, and push updates; and his thoughts on the CISA guidance.

This segment is sponsored by VISO TRUST. Visit https://cisostoriespodcast.com/visotrust to learn more about them!

Sponsored By

VISO TRUST
Full episode and show notes

Guest

Bryan Willett
Chief Information Security Officer at Lexmark

Bryan Willett is the Chief Information Security Officer (CISO) at Lexmark. Under his tenure, Lexmark has made significant investments in security infrastructure, monitoring and operations across all business areas including IT, supply chain, shared services and R&D. These investments are focused on reducing Lexmark’s overall security risks and complying with regulatory requirements. Willett has a Bachelor’s Degree in Electrical Engineering from the University of Louisville.

Host

Vice President, Cybersecurity Strategy at Cybersecurity Collaborative

Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.

Related

5G Hackathons – Casey Ellis – BTS #28

Casey recently was involved in an event that brought hackers and 5G technology together, tune-in to learn about the results and how we can use bug bounty programs to improve the security of "things". This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!
Your TV Is Scanning You – PSW #826

This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero can steal all your passwords, more XZ style attacks, more reasons why you shouldn't use a smart lo...