Tom Pace on SBOMs for ICS and OT

Nexus: A Claroty Podcast

English - August 22, 2021 04:00 - 48 minutes - 33.6 MB - ★★★★★ - 4 ratings


Tom Pace, founder of security company NetRise, joins Claroty's Aperture Podcast to discuss SBOMs, or software bills of materials, and how they can be leveraged to improve industrial control system and operational technology cybersecurity.

SBOMs are analogous to ingredient labels on food products, or parts lists for automobiles. Yet for ICS and OT equipment, they are a rarity. That lack of visibility into software and firmware components puts organizations at risk in the event of an incident, or can hamper risk management efforts.

Pace discusses the value proposition of SBOMs and how they can be created and consumed inside industrial enterprises, and takes down some misconceptions vendors and buyers may have about SBOMs giving attackers a network roadmap or leaking intellectual property secrets.

Pace also covered this subject in a talk at the recent ICS Village at DEFCON.