SBOMs in Energy Sector – best practices for supply chain security improvements

Software and Security Bills of Materials (SBOMs) have been part of the Energy and Healthcare supply chain requirements for a number of years. Followed by the US government and its agencies, they are now also being picked up as a requirement and as good practice in many other industries. In Europe, the aim is to ensure manufacturers include SBOMs with their internet-connected devices, and use SBOMs to support the requirements set out by the Cyber Resilience Act (CRA).

During this talk, we’ve asked Chris Blask to present an overview of his experiences with SBOMs in the Energy domain: how suppliers are developing and struggling with their SBOMs, but equally how the SBOMs are being consumed and used by the Energy operators. We’ll try to learn from some best practices and use cases, and discuss the difficulties in getting global suppliers to engage and adopt, and where some of the benefits have been found over the years. We’ll discuss how software supply chain transparency is emerging and even getting to a next level.

Register now to participate via Zoom Webinars or join us live at Flanders Make in Lommel.

Chris Blask is VP Strategy, Special Advisor and Chief Evangelist at Cybeats, a company supporting the vision of bringing transparency and innovation to the software supply chain. In the early 1990s, while trying to make it easier to get online, Chris Blask accidentally invented a firewall. When it turned out most folks couldn’t use it without Network Address Translation, he fell into a mop closet and invented that with some colleagues, by carefully arranged random chance. More recently, while ranting about supply chain security in 2019, he tripped over a pile of digital chain, unintentionally placed there earlier for just that purpose, and found himself co-inventing Attestation Channels (Digital Bill of Materials) with Mehdi Entezari.

LSEC is a non-profit association focused on CyberSecurity. Learn more at leadersinsecurity.org.