Finite State Blog

MergeBase’s Bob Lyle To Present at GSMA FASG #29, Istanbul

Written by Finite State Team | Jul 2, 2024 3:32:49 PM

What a big week last week at Finite State and MergeBase! Beyond the acquisition, Bob Lyle, CRO of MergeBase, as well as Deputy Chair of the GSMA’s Device Security Group (DSG), attended the GSMA Fraud and Security Group (FASG) plenary meeting in Istanbul from June 25-27 (FASG#29)! 



As a member of GSMA, MergeBase is deeply engaged in efforts to improve the security of mobile devices, networks, and applications. Both MergeBase and Finite State take pride in supporting Bob as he leads significant industry standards and fosters collaborative initiatives through the DSG's work, which spans IoT and Mobile Device threats, remediation, and standards.

In today's digital environment, where we need mobile devices across our personal and professional lives more and more, the importance of mobile application security is increasingly critical.

While the meeting is restricted to GSMA members only, we can share that Bob presented an update on activities in the DSG, as well as a proposal related to the minimum requirements for SBOMs (Software Bill of Materials) in the mobile ecosystem. 

Some highlights include: 

  • Software supply chain attacks have been increasing dramatically in recent years 
  • Regulatory requirements globally are calling for the use of SBOMs, e.g., US Executive Order 14028, EU CRA, and the US FDA Final Guidance, as well as emerging regulations in many other regions and countries
  • Clearly defining minimum requirements around the use of SBOMs in the mobile ecosystem could be of value to the industry, and allow various governments and regulators to refer to a uniform industry standard

By taking part in events such as GSMA FASG #29 and joining forces with Finite State to offer the industry's leading software supply chain security solution, Finite State and MergeBase continue to lead in protecting mobile applications, along with mobile and IoT devices, and enhancing software supply chain security across the connected device ecosystem.