Mr. Ramu DUVUR
Senior Director of Information Security and Risk Management, Applied Materials
Ramu Duvur is a senior information security executive with a proven track record of leading enterprise scale security programs that support strategic business priorities and risk management objectives. He is known for establishing strong, risk based security and governance frameworks that protect critical data and technology assets while enabling business growth and operational resilience.
Ramu brings deep expertise across enterprise risk management, cybersecurity governance, disaster recovery and business continuity, regulatory compliance, and global audit and certification programs. His leadership includes overseeing third party cyber risk management, guiding cybersecurity due diligence and integration for mergers and acquisitions, and serving as a primary liaison for cybersecurity inquiries with customers, partners, and regulatory stakeholders.
A trusted and results driven leader, Ramu has built and led high performing global security teams and works closely with executive leadership and cross functional partners to ensure a resilient, adaptive, and business aligned security posture. He has successfully launched key cybersecurity initiatives from the ground up, including supply chain cybersecurity and cloud security programs.
Ramu remains focused on anticipating emerging risks, advancing security maturity, and ensuring cybersecurity strategy remains aligned with enterprise governance, resilience, and long term business objectives in an increasingly complex digital landscape.
Presentation Title
Standardized Semiconductor Cyber Assessment (SSCA): A Unified Approach to Supply Chain Security
The semiconductor industry faces growing cybersecurity challenges across complex global supply chains. Current practices rely on fragmented, inconsistent supplier assessments, creating inefficiencies and gaps in risk management. To address this, the SEMI Supply Chain Cybersecurity Working Group (SMCC WG3) has developed the Standardized Semiconductor Cyber Assessment (SSCA) framework — a unified, standards-based approach inspired by best practices from the automotive sector’s TISAX (Trusted Information Security Assessment Exchange) model.
SSCA introduces a common question bank focused on three critical domains: Cyber Resilience, IP Protection, and Product Security, tailored to semiconductor-specific needs. The framework enables suppliers to complete a single, comprehensive assessment, reducing redundant audits and improving transparency. Key deliverables include a multilingual questionnaire, a standardized auditing process, and a mechanism for secure result sharing across industry stakeholders.
By harmonizing assessment criteria and fostering collaboration, SSCA aims to significantly reduce supply chain cybersecurity risks, accelerate adoption of best practices, and enhance overall resilience. This session will outline SSCA’s development journey, scoring methodology, and practical steps for industry-wide implementation.