InSecurity
InSecurity
May 23, 2020
Chris Blask & Fred Cohen: DBOM and the Record of Everything
Play • 1 hr 16 min

Nothing you are about to hear is true… but it all happened…

-- Fred Cohen 11 May, 2020

 

 

What happens when you get two legends of the security industry together for a chat about everything? Well… first, you can throw the carefully created outline right out the window because there is no way anyone can corrall these two into talking about just a few topics. The best you can hope for is that they agree to come back and do it again… because there’s just too much ground to cover and not nearly enough time to get into all of it in a single episode.

 

 

Let’s just say that we set out to have a discussion on creating a way to catalog all of the things that go into making things. That catalog would also include where those things were made and what they were made of and how they arrived from their place of origin. The catalog would then include data on the place of origin and what went on there… see where we’re going with this? It’s a bit like a fractal version of the periodic table of elements.

 

 

On today’s episode of InSecurity, Matt Stephenson did his best to stay out of the way in a freewheeling jam session with security legends Chris Blask & Dr Fred Cohen. Trying to describe their chat is like chasing mercury. Let it be known that the conversation included discussions of a Digital Bill of Materials for… pretty much everything, and the positive effect having access to this record could produce. But that doesn’t come near to doing justice to what all they covered… check it out

 

 

About Chris Blask

 

 

 

 

Chris Blask’s (@chrisblask) career spans the breadth of the cybersecurity industry for more than 25 years.

 

He invented one of the first firewall products, built a multi-billion dollar firewall business at Cisco System, co-founded an early SIEM vendor, authored the first book on SIEM, founded an information sharing center for critical infrastructures, and has advised public and private organizations in every sector around the world.

 

In his role within the Office of Innovation at Unisys, Chris created and leads the Operational Technology and IoT practices, invented the Digital Bill of Materials (DBoM) structure, and established the Unisys Marine Living Research Center.

 

Today he chairs a range of non-profit cybersecurity organizations and contributes to a wide range of global security efforts. 

 

 

About Fred Cohen, PhD

 

 

 

 

Dr. Fred Cohen (@fc0) is widely considered to be one of the leading security/risk experts in the world. He is best known as the person that defined the term “computer virus” and inventor of the most widely used computer virus defense techniques.

 

Dr. Cohen was also the principal investigator whose team defined information assurance as it relates to critical infrastructure, did seminal research in the use of deception for information protection, a leader in the science digital forensic examination and leading information protection consultant and analyst.

 

He has authored over 200 published research articles, authored several books and established Masters and Ph.D. security programs now part of Webster University. In 2002 Dr. Cohen revived the “Techno-Security Industry Professional of the Year” award and in 2009 he was named the “most famous hacker of all time” by ABC news.

 

 

About Matt Stephenson

 

 

 

 

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe.

 

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

 

 

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

 

 

Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!

 

 

Make sure you Subscribe, Rate and Review!

More episodes
Search
Clear search
Close search
Google apps
Main menu