The BOM Episode! DBOMs! SBOMs! And...Supply Chain Cybersecurity!
August 7, 2021
Hosted by Rebecca Herold
Before the Solarwinds hack made global news daily for many weeks starting in December, 2020, most of the public had never heard the term “supply chain,” let alone know about the inherent data and cyber security risks they bring to organizations. You know it is a significant issue when the President of the United States issues an Executive Order (on Feb. 24, 2021) to significantly strengthen supply chain security in all industries. The risks have always been there, but the number, types and methods capable of exploiting the risks have increased exponentially in recent years as new technologies, and tech companies, have proliferated throughout the world. The Solarwinds incident spotlighted to everyone paying attention to cybersecurity how protecting supply chains needs to be a top cybersecurity and privacy priority for every business using purchased technologies and/or contracting third parties to do work for them. Bills of Materials (BOMs) are tools that have been around since at least the 1960s to support business. They can also be used to support securing the supply chain. Do you know how? Do you know what BOMs are? In this episode we chat with cybersecurity expert Chris Blask, VP of Strategy at Cybeats, and the inventor of the Digital Bill of Materials (DBOM), for the details! What are SBOMs? What is the relationship between an SBOM and a DBOM? What are the cybersecurity benefits of SBOMs and DBOMs? What are other business benefits? Do SBOMs and DBOMs change the functionality of the associated hardware, software, firmware, system? What portion of organizations use SBOMs and DBOMs? How long have SBOMs and DBOMs been in use? Hear the answers to these questions, and much more, in this episode! #Cybersecurity, #Privacy, #ChrisBlask #Cybeats #SupplyChainSecurity #RiskManagement #SupplyChain #SupplyChainManagement
Data Security and Privacy with the Privacy Professor
New shows the first Saturday of each month at 8 AM Pacific Time on VoiceAmerica Business Channel
There are more information security and privacy threats than ever before. As more technologies emerge, more surveillance tactics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands. Rebecca offers information about these existing and emerging security and privacy risks and provides fresh insights into the impacts of exploiting these risks, and gives guidance, tips, expert advice and news, with fascinating guests, to help all organizations, and the general public, understand what they need to do to mitigate these risks.
Rebecca has 25-plus years of systems engineering, information security, privacy and compliance experience, is CEO of The Privacy Professor(R) consultancy she founded in 2004, and Co-Founder/CEO of Privacy Security Brainiacs online services, where Rebecca engineered the systems and created all the content, including automated risk assessments and training courses. Rebecca has authored 20 books, contributed to dozens of other books, and published hundreds of articles. Rebecca led the NIST Smart Grid Privacy Subgroup for 7 years, a member of the NIST Privacy Framework development team, and is a NIST Cybersecurity for IoT Program team member. Rebecca has provided expert witness services for HIPAA compliance, IoT security, privacy and location tracking, retirement community members’ personal data misuse, and other cases. Rebecca was co-founder and officer of the IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group, and is on numerous advisory boards. Rebecca was Adjunct Professor for the Norwich University MSISA program for 9 years. Rebecca has received numerous awards, including named as a Top 100 Women Fighting Cybercrime and a Cybersecurity Woman of the Year. Rebecca has provided keynotes on 5 continents and is frequently interviewed on TV and in international publications. Rebecca holds the following certifications: FIP, CDPSE, CISSP, CISA, CISM, CIPT, CIPM, CIPP/US, FLMI. Ponemon Privacy Fellow. Rebecca is based in Des Moines, Iowa, USA.