- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-02-15T21:02:00
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials (SBOM), according to a senior adviser and strategist at the Cybersecurity and Infrastructure Security Agency.
Computer software is in everything from cars to manufacturing equipment, but unlike metal parts, barrels of liquids, or other items used in production, we often know nothing about who created the software and its history. This has created huge risk for organizations, said Allan Friedman during his keynote address at Day 1 of Compliance Week’s virtual Cyber Risk & Data Privacy Summit on Wednesday.
“The security of software has gotten better” over time, but software is created by humans and humans make mistakes, Friedman said. “The starting point is transparency.”
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
The new artificial intelligence framework released by the National Institute of Standards and Technology is not a checklist for AI but might help organizations better manage the risks associated with the technology.
Sen. Ron Wyden (D-Ore.) is calling on federal agencies to hold Microsoft accountable for “negligent cybersecurity practices” that played part in a Chinese hacking campaign that targeted U.S. government email addresses.
The “biggest, most capable, and best-positioned” businesses must assume a greater share of mitigating cyber risks, the White House said in announcing the National Cybersecurity Strategy Implementation Plan.
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
The global average cost of a data breach jumped to an all-time high for the second year in a row, but companies can reel in the ballooning drag on profits by adopting artificial intelligence, according to an IBM report.
The U.S. Department of Energy released supply chain cybersecurity principles meant to help strengthen key technologies used to manage and operate electricity, oil, and natural gas systems.
