Cisco Systems - Driving Security Across the Product Lifecycle
Company: Cisco Systems, Inc., San Jose, CA
Company Description: Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected. At Cisco customers come first and an integral part of our DNA is creating long-lasting customer partnerships and working with them to identify their needs and provide solutions that support their success.
Nomination Category: Individual Awards Categories
Nomination Sub Category: Female Executive of the Year – Business Products –More Than 2,500 Employees
Nomination Title: Driving Security Across the Product Lifecycle
Describe for the judges the activities and accomplishments of the nominated executive since the beginning of July last year (up to 525 words):
Recognized globally as a change agent in IT, Edna Conway is shifting the view on security from “limiting damage” to enabling business differentiation. She drives new operational capabilities while forging enduring relationships; and does so with humor, inclusion and unrelenting commitment to drive only that which serves the business, its customers and the community.
As Chief Security Officer of Cisco’s Global Value Chain, Conway develops and oversees the company’s strategy and architecture to assess, monitor, and continuously improve the security of its global value chain. Cisco's Value Chain spans an ecosystem of 75,000+ partners and suppliers.
Conway’s uniquely integrated architecture weaves together essential elements of operations, technology and information security across this ecosystem. Her verifiable platform of integrity has had broad and meaningful impact on Cisco and the industry. Since July 2015 she has:
• Deployed the architecture with manufacturing, logistics, & hardware component suppliers, and global repair and design partners
• Enabled Cisco, by use of the architecture, to meet U.S. DoD regulations re counterfeit electronic components (DFAR 252.246-7007); retaining $2B in revenue
• Initiated a digital Cloud Service Provider security review, reducing the information security and privacy risks to consumers of Cisco cloud offerings
• Effectively closed security gaps via new security innovations in every stage of the value chain: Design/Develop>Plan/Order>Source>Make>Quality>Deliver>Sustain>End of Life
Since July 2015, Conway has sponsored successful experiments which led to new security solutions in the following areas:
• Enhancements of immutable identity injection in anti-counterfeiting chips
• Securing JTAG boundary scan process
• Use of physical unclone-able functions/electronic chip IDs to collaboratively combat counterfeit
• Software-based Printed Circuit Board Assembly forensic analysis
• Leveraging near field communication in operations traceability.
Conway has also contributed to and impacted both industry and government security initiatives in the past year. Examples include:
• Invited as a subject matter expert to present to the U.S. Presidential Commission on Enhancing National Cybersecurity
• Influence and drafting with preeminent international forums, including ISO and NATO
• Appointed to the Center for Responsible Enterprise and Trade (CREATe) Cybersecurity Framework Advisory Council.
• Elected by industry peers as Vice-Chair of The Open Group Trusted Technology Forum
• Service as a primary drafter of ISO 20243 (1st standard to mitigate Counterfeit and Tainted commercial IT)
• Having her value chain work highlighted as a best practice in a US National Institute of Standards and Technology (NIST) Case Study.
• Being the only Cisco leader outside the Sales organization to receive a coveted Sales award
• Individually acknowledged for contributions to NIST IR 7622 on IT Supply Chain Risk Management
• Authored, at NATO's request, its soon to be published Technical Directive for IT Systems Security
• Recognized as a “Top 10” customer requested Cisco executive speaker
Committed to community service, Conway is an executive sponsor for Cisco’s Connected Women and iWise (Inspiring Women through Information Sharing & Experiences) affinity groups, personally mentors 20+ aspiring security leaders, and supports STEM education via Cisco’s Girls PowerTech Program. Locally, Conway serves on the New Hampshire Coalition for Business and Education and as a member of the MassTLC’s Security Advisory Board, judging its Annual Security Innovation Awards. Further, she is active in MIT’s Society of Women Engineers and supports NH HighTech Council’s entrepreneur program.
Provide a brief biography of the nominated executive (up to 125 words):
Edna Conway serves as Cisco’s Chief Security Officer for its Global Value Chain. In this capacity, she drives Cisco’s cyber and security protection plan throughout its third party ecosystem. Conway serves or has served on the company’s Cyber-Security Board, Risk and Resiliency Operating Committee and Global Compliance Governance Committee. She also serves or has served as a leader in various international security and supply chain standards, public-private partnerships and industry consortia (e.g., ISO, iNEMI, IPC, The Open Group Trusted Technology Forum and The Common Criteria).
She holds an AB from Columbia University, a law degree from the University of Virginia and additional credentials from MIT and Stanford, Carnegie Mellon and New York Universities.