The diversity of the global supply chain that makes it critical to modern society also makes it very difficult to know where all of the components of a device came from. Who designed each part, who made it, who put it into a device, who sold it, and who bought it? Inside the sheet metal or plastic shells of our personal and business equipment is a fractal maze of assemblies and subassemblies reaching down to the nanometer scale and beyond into the virtual world.
On this episode of InSecurity, Matt Stephenson welcomes Chris Blask back for a deep-dive look into the Digital Bill of Materials (DBOM). What is it? Why do it? Who should care and why they should care? We also go deeper into issues like security, privacy and even storage that compound the degree of difficulty in creating and storing a digital record of EVERYTHING. The DBOM could be one of the most important projects you’ve never heard of. Dig it.
About Chris Blask
He invented one of the first firewall products, built a multi-billion dollar firewall business at Cisco Systems, co-founded an early SIEM vendor, authored the first book on SIEM, founded an information sharing center for critical infrastructures, and has advised public and private organizations in every sector around the world.
In his role within the Office of Innovation at Unisys, Chris created and leads the Operational Technology and IoT practices, invented the Digital Bill of Materials (DBoM) structure, and established the Unisys Marine Living Research Center.
Today he chairs a range of non-profit cybersecurity organizations and contributes to a wide range of global security efforts.
About Matt Stephenson
InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts me in front of crowds, cameras, and microphones all over the world. I am the regular host of the InSecurity podcast and video series at events around the globe.
I have spent the last 10 years in the world of Data Protection and Cybersecurity. Since 2016, I have been with Cylance (now BlackBerry) extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to network security, they can wrong-foot the bad guys. Prior to the COVID shutdown, I was on the road over 100 days a year doing live malware demonstrations for audiences from San Diego to DC to London to Abu Dhabi to Singapore to Sydney. One of the funniest things I've ever been a part of was blowing up a live instance of NotPetya 6 hours after the news broke... in Washington DC... directly across the street from FBI HQ... as soon as we activated it a parade of police cars with sirens blaring roared past the building we were in. I'm pretty sure they weren't there for us, but you never know...
Every week on the InSecurity Podcast, I get to interview interesting people doing interesting things all over the world of cybersecurity and the extended world of hacking. Sometimes, that means hacking elections or the coffee supply chain... other times that means social manipulation or the sovereign wealth fund of a national economy.
InSecurity is about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round...