The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Its core purpose is to help organizations improve their software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
Edna Conway is the Chief Security Officer for Cisco in its Global Value Chain. She develops and oversees the deployment of Cisco’s strategy to assess, monitor, and continuously improve the security of its global value chain. Cisco's Value Chain Security Program spans its Supply Chain Operations, Engineering, Worldwide Partner and Services organizations. In addition, she drives Cisco’s cyber and security protection plan throughout its third party ecosystem. Conway serves or has served on the company’s Cybersecurity Board, Risk and Resiliency Operating Committee and Global Compliance Governance Committee. Conway also serves or has served as a leader in various international security and supply chain standards, public-private partnerships and industry consortia (e.g., ISO, iNEMI, IPC, The Open Group Trusted Technology Forum and The Common Criteria). Her work has been featured in a variety of publications, analyst reports, and case studies, including some referenced at https://www.linkedin.com/in/ednaconway. Conway’s discussions on key issues can be found on her Blog. Her recent industry recognition includes being named 2016 Chief Security Officer of the Year by Info Security Products Guide at RSA and being named a 2016 Woman of M2M by Connected World Magazine.
Conway holds an AB from Columbia University, a law degree from the University of Virginia and additional credentials from MIT and Stanford, Carnegie Mellon and New York Universities.
In this podcast, Edna Conway and John Haller discuss the global value chain for organizations and critical infrastructures and how this expanded view can be used to improve ICT supply chain management, including risks to the supply chain.