Join Us In-Person!
As NASA moves forward with its Moonshot, NASA SEWP is continuing its exploration of Supply Chain Risk Management (SCRM) and Cybersecurity Supply Chain Risk Management (C-SCRM). As one of the largest providers of technology equipment and services to government, NASA SEWP is in a unique position to bring leaders together for conversations about the latest developments and guidance, as well as innovative approaches that agencies are taking to protect their systems, software, and services.
Day 1 is the third in a series of deep dives by the NASA SEWP team into the challenges, risks and potential solutions to protect critical technology systems. This series brings together agency leaders, cybersecurity experts, as well as standards creators and management specialists to focus on cyber challenges throughout the organization.
Day 2 will feature SEWP present and future as the program holds a training conference in the morning, including highlighting the SCRM elements built into the program and platform. In the afternoon the program will hold a feedback forum where government and industry participants will provide their feedback and recommendations for what they would like to see from the program today and in future renditions of the program.
Attendees will come away from this forum with a better understanding of:
- What organizations such as NASA, DOD, DHS and NIST are offering to solve these challenges
- The role of the National Risk Management Center and how to find guidance on reducing supply chain risk
- How CISA’s shared services model helps to harden the civilian sector’s response to supply chain vulnerability
- Why SCRM and C-SCRM are important to the federal network infrastructure
- What are some of the solutions to secure the critical software supply chain
- Where to find resources to help smaller or under resourced organizations
8:00 - 5:00 PM ET
January 30 & 31*, 2023
*Please Note: Day 2's Workshops are only available in person and are closed to the press
Ritz Carlton, Pentagon City
January 30th Agenda
Registration, Breakfast & Networking
Managing Risk at Government Scale
A discussion of current policy and guidance on SCRM and C-SCRM that organizations are using to manage their cyber risk.
Are you interested in learning more about the Federal Acquisition Security Council (FASC)? Are you a seasoned supply chain risk professional who wants to understand how the FASC receives referrals, evaluates SCRI about covered sources and covered articles, and the recommendation process? Or, are you suddenly seized with curiosity about terms like “SCRI” or “CSCRM” or “covered sources and covered articles? If you answered yes – then the FASC Fundamentals presentation is for you. The FASC presenters will give an overview of what the FASC is, what the FASC does, and what resources are available for continued reference.
The presentation will be followed by a brief question and answer session as time permits. An introduction to the Federal Acquisition Security Council (FASC). Authorized by statute in December 2018 and established in early 2019 when the law went into effect, the FASC is an intra-agency council charged with a key role in cyber supply chain risk management (CSCRM) for U.S. government ICTS. Join us for an opportunity to learn more about the unique role of the Council in national security and economic security.
Consortia Working Group Panel
Federal IT modernization efforts have generated many challenges for agencies, especially ones focused on supply chains and cyber risks. During this panel, executives will discuss how the government can collaborate with industry, academia, and nonprofits to pursue common sense standards and best practices for federal procurement, IT solutions, and risk analysis.
Lunch & Networking
Luncheon Keynote: The Change Leadership Imperative
21st Century life is full of change and transition. In fact, change might be the only constant we can rely on in today’s fast-paced world. Leading and managing change has become an essential leadership skill in today’s business world. While leaders may enthusiastically lead the charge for change, they often find themselves looking over their shoulders to discover that no one is following their lead or doing the work necessary to make the change a success. Creating effective organizational change requires specific change management skills and sensibilities. This eye-opening presentation builds awareness around the need for strong change leadership and offers best practices for managing and leading organizational change.
Technology Provider Panel: SCRM Practices Today
SCRM means different things to different people, and the kinds of SCRM practices a company engages in depends upon which link in the chain is theirs to account for. In this panel you will learn from industry experts representing manufacturers, distributors, and resellers as they discuss their practices in accounting for supply-chain risk, as well as how the government’s initiatives can impact their operations.
SCRM Acquisition Update
This panel will look at what the government has been doing so far in terms of addressing SCRM and what needs to be done. They will discuss how the acquisition processes have been changed and updated to provide more supply chain information and protection, and how the newest approaches are working in the civilian and intelligence communities.
Thank You & Closing
January 31st Agenda:
|8:00 - 9:00 AM||
Registration, Breakfast & Networking
|9:00 AM -9:15 AM||
|9:15 AM - 3:30 PM||
Customer/Provider Training and Interactive Discussion
GovExec is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.