This webinar will cover the threats and impacts from supply chain vulnerabilities, and propose possible mitigation strategies. The session will feature remarks from State of Vermont CISO Nicholas Andersen, Trustmark Companies CISO Fawaz Rasheed, and ThirdPartyTrust CEO Anders Norremo. Managing third-party vendors and securing a supply chain is a burdensome task for even the smallest organizations. The webinar’s featured speakers will address the risks faced by businesses and how they can minimize exposure posed by vendors and software.
To Register

Please sign up for this complimentary webinar using a business email address:

Webinar Schedule

– Introductions
– Understanding real and current threats in supply chain/third-party risk
– Key risk indicators around the supply chain
– Case studies of supply chain/third-party risk
– Challenges in standing up a risk program
– Q&A
– End of call

Speaker Biographies

Nicholas Anderson, CISO, State of Vermont

Mr. Nicholas Andersen is the Chief Information Security Officer (CISO) for the State of Vermont where he leads state government efforts pertaining to the security and protection of data, security compliance activities, risk reduction, security operations and threat intelligence. He also serves as a member of the Governor of Vermont’s Cybersecurity Advisory Team. Previously he was a partner and co-founder of Pueo Business Solutions and Vice President with Invictus International Consulting. Prior to that he served as a Department of the Navy Senior Executive with the Deputy Chief of Naval Operations for Information Warfare. He is also the former CIO for U.S. Coast Guard Intelligence. Mr. Andersen started his career of government service in the U.S. Marine Corps serving in Iraq, Europe and Africa.

Fawaz Rasheed, CISO, Trustmark Companies

Fawaz Rasheed has more than 20 years of experience in information security. He is currently the Vice President and Chief Information Security Officer at Trustmark Companies. Prior to his role at Trustmark, Fawaz was the Global Chief Information Security Officer at Johnson Controls, Inc., where he was responsible for planning, building and executing upon a robust information security program. In addition, Fawaz is also a Chair and Governing Body Member for Evanta. He is currently pursuing a master’s degree in Computer Science from DePaul University and has a bachelor’s degree in Communications from Loyola University, Chicago.

Anders Norremo, CEO, ThirdPartyTrust

Anders Norremo is the Founder and Chief Executive Officer of ThirdPartyTrust. Mr. Norremo has 15 years of experience building teams and software solutions. He has spent the last 5 years honing his expertise in third party risk management as CEO/Founder of ThirdPartyTrust. Previously, Anders served as Vice President at Firm58, where he ran deployment services and customer support. Prior to that Anders worked at Accenture where he managed large-scale enterprise implementations.

Moderator Biography

Ken Towne, Director of Technology, Global Resilience Federation

Ken leads technology sourcing, security engineering and technical threat research for Global Resilience Federation. At 20 he became a U.S. Marine, gaining experience in information systems and specializing in intelligence, surveillance and reconnaissance (ISR) collections and targeting. His expertise evolved, focusing on security architecture, critical infrastructure protection, vulnerability assessment, penetration testing, and threat mitigations within commercial and government spaces. He is a father, husband, veteran and a leading security data analytics and automation integrator.


Global Resilience Federation (GRF) is a non-profit hub for support, analysis, and multi-industry intelligence exchange between information sharing and analysis centers (ISACs) and organizations (ISAOs), which facilitate intelligence sharing for specific sectors. 

GRF’s mission is to help assure the resilience of critical and vital infrastructure against threats that could significantly impact the orderly functioning of the global economy and general safety of the public. GRF members include Financial Services ISAC, Legal Services ISAO, Multi-State ISAC, Retail ISAO, Retail Cyber Intelligence Sharing Center and Energy Analytic Security Exchange, among others. GRF is also engaged with computer emergency readiness/response teams (CERTs) and other bodies around the world that seek to protect certain regions and industries. 

Working with its members, GRF expands access to threat feeds and intelligence, strengthens collaboration, provides detailed analysis, and offers actionable cross-sector sharing among many industries. Learn more at, by visiting @GRFederation on Twitter or Global Resilience Federation on LinkedIn.