(or in my case, without the AirBnB invoice)
This year, RSA will be all virtual.
It will run from May 17-20. And I’ll again be speaking on a panel led by Mark
Weatherford, former NERC CISO and now CSO and Board Member of the National
Cybersecurity Center. My fellow panelists will be Jennifer Bisceglie, Founder of
Interos Inc, and Chris Blask, Global Director of Industrial Security of UNISYS.
Our panel will run from 2:40 to
3:20 PM Pacific Time on May 20 (and don’t give me an excuse that you have to
miss our session to catch a flight home from SFO! Normally, the last afternoon
of the conference is pretty quiet because so many people have left). However, please stick around afterwards,
because there will be an “Additional Audience Engagement” session, starting at
3:20. I have never heard of one of these before at the conference (if they’ve
even had them before), but RSA says it’s a “40-minute interactive QA discussion”
on the topic of our panel. This is great, because I’ve never been on a panel
where it was possible to get into the topic in much depth, or to take many
questions. This will be an exception.
Well, I guess that’s about it… What,
you want to know what the topic is? Sure, it’s “DBOM and SBOM: New Options for
Better Supply Chain Cybersecurity”. The description is “The global supply chain
includes a mystifying accumulation of digital and software components that
generate perplexing cybersecurity risk management challenges. These supply
chain risk management challenges can be addressed through the focused
application of both Digital Bill of Materials (DBoM) and Software Bill of
Materials (SBoM) to document component provenance to consuming organizations.”
If you’ve been reading this blog
at all lately, you’ve certainly heard of SBoM. But what’s DBoM? DBoM is… well, here’s
a very succinct summary
of it by Chris; you can also find a few podcasts on DBoM by searching on his
name. But I’ll admit: I’ve been going to (at least) weekly meetings discussing
DBoM since last August, and I’m just now beginning to realize how revolutionary
it is – and how it can lead to great improvements in security and efficiency of
supply chains, which I (and the others in the group, frankly, including Chris
himself) are just beginning to understand. It's definitely worth a few minutes of your time to learn about this.
Oh, and in case you think this is a
(poorly) disguised product sales pitch, I’ll point out that DBoM is an open
source product.
I hope to see you there on May 20!
And be sure to leave enough time to find the room where we’re speaking (for
some reason, I don’t see the room number on the email from RSA). The Moscone
Center is a big place.
Any opinions expressed in this
blog post are strictly mine and are not necessarily shared by any of the
clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would
love to hear from you. Please email me at tom@tomalrich.com.