By Adrianne Appel, 2023-02-15T21:02:00
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials (SBOM), according to a senior adviser and strategist at the Cybersecurity and Infrastructure Security Agency.
Computer software is in everything from cars to manufacturing equipment, but unlike metal parts, barrels of liquids, or other items used in production, we often know nothing about who created the software and its history. This has created huge risk for organizations, said Allan Friedman during his keynote address at Day 1 of Compliance Week’s virtual Cyber Risk & Data Privacy Summit on Wednesday.
“The security of software has gotten better” over time, but software is created by humans and humans make mistakes, Friedman said. “The starting point is transparency.”