Zero Trust: Transforming Cybersecurity -- Understanding the Zero Trust Capability of Software Risk Management

Click here for full screen and other viewing options

Date:  July 20, 2023 

Time: 1:00 - 2:00 p.m. ET (10:00 - 11:00 a.m. PT)

CLPs: 1.0

Participant Resources

Survey Link:  We value your input.  Visit https://eval.dau.edu/jfe/form/SV_ePOtI66PnOCGn2K?EventID=1077 to access a short survey.  At the end of the survey, you can enter your email to request a certificate be sent to you which you can use to request the 1.0 CL point for this event.  

Who Should Attend:  Government, Military, and Industry at all levels who want to learn about the principles of zero trust and its role in innovative cybersecurity solutions.

Speaker:  Mr. Thomas Hurt

Description:  Come join Mr. Thomas Hurt to better understand the issues for software risk management and development of this Zero Trust capability in implementation plans.  Discover how understanding software risk management is critical in execution of your ZT capabilities and activities.  This will assist in DoD and DIB contractor efforts in managing software risk management as part of your ZT implementation.

Understanding software risk management is throughout the DoD's ZT capabilities and activities, especially ZT Capability 3.3, "Software Risk Management."  This ZT capability requires DoD organizations to "establish software/application risk management program."  It includes foundational controls risk management. "Foundational controls include Bill of Materials risk management, include Bill of Materials risk management, Supplier Risk Management, approved repositories Supplier Risk Management, approved repositories and update channels, and vulnerability and update channels, and vulnerability management program. Additional controls management program. Additional controls include Continual validation within the CI/CD include Continual validation within the CI/CD pipelines and vulnerability maturation with pipelines and vulnerability maturation with external sources."  Mr. Hurt will discuss insights on this ZT capability and its activities to effectively manage software risk management.  

Biography:  Mr. Hurt is a DAU Professor with 50 years of experience in leadership, system assurance, system engineering, and software development. In office of the Secretary of Defense, he stood up the Joint Federated Assurance Center (JFAC) and the DoD/NNSA Software Assurance Community of Practice.  He founded the high-tech company TeraStore, Inc., to develop and license a novel ultra-high-speed nano-scale memory technology. He has over 30 patents in the US and internationally. Mr. Hurt had leading roles in software development for the Space Station, the V-22, the TRIDENT, and several black programs.