• Latest
  • Trending
  • All
  • Industry
  • Compliance
  • Global Trade
  • Industry
  • Sustainability & Ethics
  • Video
  • Security & Risk
A person using software bills of materials to enhance cybersecurity at a desk.

The Growing Importance of Software Bills of Materials in Cybersecurity

09/28/2021
PRINTCO SRL Nominated for 2025 Go Global Awards in London

PRINTCO: Romania’s Packaging Powerhouse Pioneering Innovation and Sustainability

07/01/2025
PRINTCO SRL Nominated for 2025 Go Global Awards in London

PRINTCO SRL Nominated for 2025 Go Global Awards in London

07/01/2025

HirtProductions Bridges Continents with Spiritually Uplifting Cinema

07/01/2025

HirtProductions Nominated for 2025 Go Global Awards for Excellence in Impact-Driven Cinema

07/01/2025
Trump Ends Canada Trade Talks, Signals Tariffs

Trump Ends Canada Trade Talks, Signals Tariffs

07/01/2025
Trump Signals Flexibility on Tariff Deadlines

Trump Signals Flexibility on Tariff Deadlines

07/01/2025
Canada Retaliates with Steel Quota After U.S. Tariff Threat

Canada Retaliates with Steel Quota After U.S. Tariff Threat

07/01/2025
Trump Warns Japan of New Tariffs Over Rice Trade

Trump Warns Japan of New Tariffs Over Rice Trade

07/01/2025
Tariffs Add $1 Billion Cost to Nike’s Supply Chain

Tariffs Add $1 Billion Cost to Nike’s Supply Chain

07/01/2025
Random Dynamic Resources Ltd Nominated for Go Global Awards 2025

Random Dynamic Resources Strengthens Research Impact Across Africa and Beyond

06/30/2025
Random Dynamic Resources Ltd Nominated for Go Global Awards 2025

Random Dynamic Resources Ltd Nominated for Go Global Awards 2025

06/30/2025
TransPak Marks Over 70 Years of Excellence in Packaging and Global Logistics

TransPak Nominated for 2025 Go Global Awards in London

06/30/2025
supplychainreport
Tuesday, July 1, 2025
  • Home
  • Industry
    • Supply Chain
    • Logistics & Transportation
    • Importing & Exporting
    • Manufacturing
    • Warehousing & Distribution
  • Compliance
    • Supply Chain Transparency
    • Anti-Money Laundering (AML)
    • Know Your Customer (KYC)
    • Risk Management
    • Export Controls
    • Sanctions
  • Global Trade
    • Market Trends
    • Economic Indicators
    • Sourcing
    • Trade Policies
    • International Relations
    • Trade Agreements
    • Tariffs & Duties
    • Import/Export Statistics
  • Luxury Goods
  • Industry
    • Blockchain in Supply Chain
    • Importing & Exporting
    • Automation & Robotics
    • Artificial Intelligence in Trade
    • Data & Analytics
  • Sustainability & Ethics
    • Green Supply Chains
    • Sustainable Logistics
    • Ethical Sourcing
    • Corporate Social Responsibility
    • Environmental Policies
  • Security & Risk
    • Cybersecurity in Trade
    • Fraud & Scams
    • Risk Mitigation
    • Security Protocols
    • Data Protection
  • ITC News
    • ITC Featured Members
    • ITC Business Councils Highlights
  • Events
    • Upcoming Conferences
    • Upcoming FREE Educational Webinars
No Result
View All Result
supplychainreport
No Result
View All Result

The Growing Importance of Software Bills of Materials in Cybersecurity

by Richie
09/28/2021
in Blockchain in Supply Chain, Industry

YOU MAY ALSO LIKE

HirtProductions Nominated for 2025 Go Global Awards for Excellence in Impact-Driven Cinema

Random Dynamic Resources Strengthens Research Impact Across Africa and Beyond

The evolving landscape of cybersecurity, the implementation of Software Bills of Materials (SBOMs) is gaining importance as a strategy to enhance protection against supply chain cyberattacks. President Biden’s cybersecurity executive order, issued in May, has highlighted the need for improvements in software supply chain security, including mandating SBOMs for software vendors working with the federal government. SBOMs serve as a detailed list of the components that make up a software product, encompassing both open source and proprietary code.

The role of SBOMs is to provide clarity and transparency, enabling quicker identification and mitigation of vulnerabilities or updates within software. This proactive measure is particularly relevant in light of increasing complexity and sophistication in cyberattacks targeting supply chains. However, experts recognize that while SBOMs are beneficial, they are not a comprehensive solution, especially for legacy systems where implementing SBOMs may not be feasible.

Johannes Ullrich, dean of research at the SANS Institute, notes the limitations of SBOMs in addressing software development within legacy systems, suggesting that older code may never have a reasonable SBOM. Nonetheless, advancements in tools and standards, including initiatives by the National Institute of Standards and Technology (NIST) and industry efforts like CycloneDX, are paving the way for more widespread use of SBOMs in modern software development.

The executive order has tasked NIST with defining “critical software,” which will shape future regulations and standards. This definition will consider various factors, including the software’s access level, integration, and potential harm if compromised.

While SBOMs offer a way to enhance cybersecurity, their implementation presents challenges, such as increased costs and the need for scaling resources. Despite these hurdles, the expectation is that SBOMs will gradually become a norm in software development contracts, driven by customer demand and the evolving cybersecurity landscape.

The concept of SBOMs is not new, having been practiced internally by companies for years. However, its recent prominence and formalization in the cybersecurity field mark an important step towards higher accountability and transparency in software development. This shift mirrors the progression seen in other industries where product liability has become a standard consideration.

While SBOMs are a valuable tool in improving supply chain cybersecurity, they are part of a broader spectrum of cyber hygiene practices. The challenges of legacy code and the need for widespread adoption underscore that SBOMs are one piece of a larger puzzle in achieving a robust cybersecurity posture.

Stay updated with supply chain news at The Supply Chain Report. Learn more about international trade at ADAMftd.com with free tools.

#Cybersecurity #SBOM #SupplyChainSecurity #SoftwareBillsOfMaterials #BidenCybersecurityOrder #LegacySystems #NIST #CycloneDX #CriticalSoftware #SoftwareDevelopment #CyberAttackPrevention #TechTransparency #CyberHygiene #SoftwareVulnerabilities #ProactiveCyberDefense #SecureSoftwareSupplyChain

ShareTweet

Subscribe Our Newsletter

Share Your News

Whether it’s a groundbreaking achievement, a heartwarming tale, or an insightful perspective, we want to hear it. Share your news with us, and let’s amplify your voice in the digital symphony of stories.

Submit

A man is riding a bike on a hill.

The Supply Chain Report is your essential daily news website, serving as a trusted source for comprehensive coverage of the complex and ever-evolving global supply chain dynamics. Our expert team delves into the intricacies of international trade, manufacturing, logistics, importing, exporting, and supply chain management; providing in-depth analysis and up-to-date news on the latest trends, disruptions, and technological advancements affecting industries worldwide. From detailed reports on international trade through to insights into procurement strategies and inventory management, we offer valuable content that helps professionals stay informed and make knowledgeable decisions in a fast-paced market.

Each day, we bring you cutting-edge news and expert commentary that dissect significant international trade and supply chain issues Our coverage spans a wide array of sectors including manufacturing, retail, healthcare, food, consumer goods, and technology, ensuring that no matter your field, you have the strategic information needed to navigate the challenges and opportunities of today’s supply chain landscape. By synthesizing complex data and presenting actionable insights, The Supply Chain Report empowers business leaders, policymakers, and logistics professionals to optimize their operations and drive forward with confidence in an interconnected world.

Connect With Us

  • About
  • Events
  • Privacy Policy
  • Contact Us

© 2024 International Centre for Trade Transparency Limited. Incorporated in the United Kingdom.

No Result
View All Result
  • Home
  • Industry
    • Supply Chain
    • Logistics & Transportation
    • Importing & Exporting
    • Manufacturing
    • Warehousing & Distribution
  • Compliance
    • Supply Chain Transparency
    • Anti-Money Laundering (AML)
    • Know Your Customer (KYC)
    • Risk Management
    • Export Controls
    • Sanctions
  • Global Trade
    • Market Trends
    • Economic Indicators
    • Sourcing
    • Trade Policies
    • International Relations
    • Trade Agreements
    • Tariffs & Duties
    • Import/Export Statistics
  • Luxury Goods
  • Industry
    • Blockchain in Supply Chain
    • Importing & Exporting
    • Automation & Robotics
    • Artificial Intelligence in Trade
    • Data & Analytics
  • Sustainability & Ethics
    • Green Supply Chains
    • Sustainable Logistics
    • Ethical Sourcing
    • Corporate Social Responsibility
    • Environmental Policies
  • Security & Risk
    • Cybersecurity in Trade
    • Fraud & Scams
    • Risk Mitigation
    • Security Protocols
    • Data Protection
  • ITC News
    • ITC Featured Members
    • ITC Business Councils Highlights
  • Events
    • Upcoming Conferences
    • Upcoming FREE Educational Webinars

© 2024 International Centre for Trade Transparency Limited. Incorporated in the United Kingdom.