Welcome to the interactive schedule for SecurityWeek’s CISO Forum, Presented by Cisco! (For full event information visit the conference website.)
Tuesday, September 14 • 3:15pm - 4:00pm
Navigating SBOMs and Supply Chain Security Transparency

The recent cybersecurity executive order from the White House mandates a bill of materials for software (SBOM) purchased by the Federal Government. This presents new opportunities and challenges for software producers and security teams. During this panel, we will discuss specific ways an SBOM can improve supply chain security and where expectations may be overblown. We will cover edge cases that are turning out to be more troublesome than anticipated. Lastly, we will discuss what might come next after SBOM and where there are opportunities for innovation (e.g., new tooling or standards) on top of SBOMs.

Sounil Yu

CISO, JupiterOne
Sounil Yu is a cybersecurity executive with more than 30 years of hands-on security experience. He is the creator of the Cyber Defense Matrix and the DIE Resiliency Framework, serves on the board of SCVX Corp and the FAIR Institute, teaches security as an Adjunct Professor, co-chairs...

Summer Craze Fowler

Summer Craze Fowler is the CIO/CISO at Argo AI, a software company focused on changing the world by building self-driving technology. She is a leader in cyber security with more than 19 years of experience in risk management and software engineering. She came to Argo AI from Carnegie...

Allan Friedman

SBOM Champion, Cybersecurity and Infrastructure Security Agency (CISA)
Dr. Allan Friedman is an SBOM champion at the U.S. government's CISA (Cybersecurity and Infrastructure Security Agency). Prior to joining CISA, he served as Director of Cybersecurity Initiatives at National Telecommunications and Information Administration in the US Department of...

Steve Springett

Chair, CycloneDX Core Working Group
Steve educates teams on the strategy and specifics of developing secure software. He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive...

Tuesday September 14, 2021 3:15pm - 4:00pm EDT