
Shedding New Light on Software Visibility in the Age of SBOM – Source: www.govinfosecurity.com



Center for Internet Security CISO on ‘Transitional’ State of Software Supply Chain

Anna Delaney (annamadeline) • June 7, 2023

Sean Atkinson, CISO, Center for Internet Security

It has been two years since President Joe Biden issued a cybersecurity executive order warning vendors that they will be required to submit a software bill of materials to do business with the federal government. But a number of organizations are still not ready for SBOM, warned Sean Atkinson, CISO of the Center for Internet Security.


With the government set to send out the first SBOM attestation requests this year, the industry is in a “transitional state of supply chain management,” he said. Some organizations want to make sure that if they provide the appropriate transparency – including open-source software components – adversaries won’t be able to use it against them in cyberattacks (see: Zero Trust: Lessons Learned and Lessons Identified).

“It’s very, very difficult because we have such a vast, expansive system, and not everybody thinks about vendor risk management in the same way. It’s trying to get everybody to that same level of tolerance,” he said.

In this video interview with Information Security Media Group, Atkinson discussed:

  • The state of third-party risk management;
  • Advice for effective inventory management;
  • Tools to monitor and manage vendors and partners.

Atkinson uses his broad cybersecurity expertise to direct strategy, operations and policy to protect the Center for Internet Security’s enterprise of information assets. His responsibilities include risk management, communications, applications and infrastructure. Prior to CIS, he served as global information security compliance officer for GlobalFoundries. Prior to that, he led the security implementation for New York’s statewide financial system.

Original Post URL: https://www.govinfosecurity.com/shedding-new-light-on-software-visibility-in-age-sbom-a-22253
