Next Monday, I’ve been invited to
discuss using SBOMs (and VEXes) during a monthly Tech Talk sponsored by RF, one
of the six NERC Regional Entities that works with electric utilities to comply
with the NERC standards (including the NERC CIP standards). The Tech Talk will
run from 2:00 to 3:30 PM Eastern Time on March 21, and will be available at this
URL. No pre-registration is required. The Tech Talk won’t be recorded.
My talk will probably start about
10-15 minutes into the program and will run (with Q&A) for about 40 minutes
after that. If you’re with a NERC entity, you might want to stay around after I’m
finished to listen to three very knowledgeable people from the North American
Transmission Forum (NATF). They will “provide an update on supply chain risk
management efforts and their proposed Implementation Guidance.”
Even though my stated topic is how
SBOMs can help an electric utility comply with the NERC CIP-013 supply chain cybersecurity
risk management standard, I want to point out that there will be literally nothing
in my presentation that won’t be of interest to any organization (in any
industry or government) that is concerned about software supply chain cybersecurity
risks - and would like to know how SBOMs and VEXes can be used to mitigate those
risks.
Here is alternative access
information:
Meeting Number/Access Code: 2313 701 2627
Meeting Password: 0123456789
Join by Phone: 1-650-479-3207
Please
join us on Slido.com using #TechTalkRF as the event code.
I’ll hope to see you there!
Any opinions expressed in this
blog post are strictly mine and are not necessarily shared by any of the
clients of Tom Alrich LLC. If you would
like to comment on what you have read here, I would love to hear from you.
Please email me at tom@tomalrich.com.
No comments:
Post a Comment