Virtual Event

JFrog x Google Cloud From NPM to the Boardroom: Why the Business Expects the CISO to Have a Unified Software Development Defense

North America
11:00 - 12:30 EST, 03.12.25

The modern software supply chain is under siege. Incidents like the npm compromise have proven that fragmented defenses - across developers, registries and build environments - create business-wide risk that no organization can afford to ignore. 

Today, the boardroom expects CISOs, CIOs and CTOs not only to secure code - but to quantify and communicate risk in business terms.

Join a select group of cybersecurity and technology leaders for an exclusive, closed-door virtual roundtable exploring what it takes to build a unified software development defense that aligns security, engineering, and business priorities.

 

Key Discussion Themes:

  1. The Business Cost of Fragmentation - The npm incident revealed vulnerabilities from developer credentials to the build pipeline. Where are the most critical gaps - organizational, technological, or budgetary - that prevent a unified defense across the entire SDLC? Explore real-world strategies for eliminating silos between AppSec, DevOps, and risk management.
  2. Quantifying Supply Chain Risk for the Board - The board no longer accepts technical jargon - they want measurable impact. What KPIs can translate supply chain risk into business metrics like revenue loss, IP threat or brand damage? Learn how top CISOs are reframing security metrics for executive clarity and accountability. 
  3. From Incident Response to Resilience - Every second counts after a breach - but what if you could anticipate and isolate attacks before they spread? Discuss frameworks for shifting from reactive response to proactive resilience across dependencies and components.

 

Executive Perspectives

Leaders will explore how security investments are shifting - balancing perimeter defense with software supply chain protection and aligning budgets accordingly. The conversation will examine how CISOs measure and contain the "blast radius" of a compromised open-source package, and how organizations can cut remediation times for third-party vulnerabilities to strengthen overall resilience.

 

Reserve Your Seat Below

This is an invitation-only virtual roundtable. Space is limited to ensure focused discussion and peer-level engagement.
