GIA global group
Linkedin Instagram Twitter Facebook

SCCS Summit Network

Your global hub for resilience in third party and supply chain cyber risk.

A year-round community for Information Security, Cyber TPRM, and GRC professionals to connect, exchange ideas, and tackle the most pressing challenges in supply chain cyber security and resilience.

Join our monthly virtual discussions to:

  • Learn from leading experts and peers
  • Share insights and best practices
  • Shape stronger, more resilient supply chains worldwide

Be part of a trusted network driving collaboration and innovation in supply chain cyber security.

Next Session

Date:June 24, 2026
Time:16:00 – 17:00 CEST (Prague) | 15:00 – 16:00 GMT (London) | 18:00 – 19:00 UTC (Dubai)
Lead Speakers:Tereza Jášková, Managing Director & Senior Legal Counsel at Alpiq;
Rolf A. Becker, Co-Chair at Cloud Security Alliance Swiss Chapter
Moderator:John Salomon, Board Advisor at Cybersecurity Advisors Network (CyAN)
Topic:Cyber Resilience Act: Practical Implications For Supply Chains

The EU Cyber Resilience Act is no longer on the horizon — it is here, and the compliance clock is running. For organisations across every sector — including financial services, critical infrastructure, and enterprise technology — the CRA introduces mandatory cybersecurity requirements that go well beyond existing frameworks, reshaping how products with digital elements are procured, integrated, and maintained throughout their lifecycle. The implications extend far beyond legal teams: procurement, engineering, vendor management, and the boardroom all have a stake.

Yet for many organisations, the path from regulatory text to operational reality remains unclear. What does meaningful compliance look like across complex, multi-tier supply chains? How should responsibility be allocated across the ecosystem — from vendors and integrators to end-user organisations? And where does the CRA intersect — or conflict — with existing obligations under NIS2, GDPR, and sector-specific regulation?

This roundtable brings together legal, security, and governance practitioners to move beyond the theory and into the practical. Explore:

  • How the CRA affects organisations across industries — not just technology producers, but anyone procuring or integrating products with digital elements;
  • Contractual and liability implications for vendor relationships and third-party software dependencies;
  • Aligning CRA compliance with existing NIS2, GDPR, and sector-specific regulatory obligations;
  • Practical steps organisations can take now to assess readiness and close compliance gaps;
  • How security and legal teams can collaborate to build scalable, audit-ready compliance programmes.

Be part of the conversation and contribute your perspective to building more resilient supply chains worldwide.

Personal Info
Job Info
Contact Info
The submitted information will be processed according to the GIA Global Group’s Privacy Policy.
The SCCS Summit Network virtual roundtables are hosted by GIA Global Group together with industry professionals, organized on a voluntary basis for the community. These sessions are not sponsored, and your data will never be shared with third parties.

About the partner

Bitsight is the global leader in cyber risk intelligence, helping teams make informed risk decisions with the industry’s most extensive external security data and analytics. With 3,300 customers and 65,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure—enabling teams to quickly identify vulnerabilities, detect threats, prioritize actions, and mitigate risk across their extended attack surface.

Built on over a decade of market-leading innovation, an unparalleled cyber dataset, and intelligence-driven workflows, Bitsight uncovers security gaps across infrastructure, cloud environments, identities, and third- and fourth-party ecosystems. From security operations and GRC teams to the boardroom, Bitsight provides the unified intelligence backbone organizations need to proactively address exposures before they impact performance.

For more information, visit bitsight.com, read our blog, or connect with us on LinkedIn.

About the partner

FortifyData has built a Next Gen Cybersecurity Risk Management platform that enables you to identify and manage your risk exposure across your entire attack surface – This includes external risks, internal risks, cloud configuration risks, and also third-party risks. All of these components are consolidated into one platform that enables you to – perform customizable risk modeling, integrate with other security technologies, produce a financial cyber risk quantification, and a security rating. With FortifyData you will always get the most current and accurate visibility of risk your organization is exposed to. See a demo at www.fortifydata.com.

About the partner

Shared Assessments is a global membership organization dedicated to developing the best practices, education and tools to drive third party risk assurance. We are creators of the industry standard third party risk toolkit, used by over 15,000 organizations worldwide.

About the partner

CyberVadis provides enterprises with a cost-effective and scalable solution for third-party cybersecurity risk assessments. Our methodology maps to all major international compliance standards including NIST, ISO 27001, GDPR, and many other privacy and security laws. CyberVadis’ solution combines the speed of automation with the accuracy and effectiveness of a team of experts. We directly engage vendors from all over the world with assessments, validate results with an in-house team of security analysts, and issue companies a standardized cybersecurity rating that they can share with others, along with a detailed improvement plan for increasing their score and the ability to collaborate with clients on implementing better practices.