In March, Matt Wyckhouse, our CEO, and Alex Waitkus, Principal Cybersecurity Architect at Southern Company, delivered their thought-provoking S4x24 presentation, "The Quest For SBOMs And the Legend of the SBOM’d Substation."

Their talk centered on an experiment: To try to collect, correlate, and operationalize SBOMs for everything in a substation.

Matt and the team at Finite State and Alex and the team at Southern Co. tried to do this. They went into the substation, physically inventoried all their equipment, collected data from their sensors, and started collecting SBOMs from their vendors.

In this S4x24 main stage presentation, Matt and Alex discussed the successes and problems they encountered, their resolved and open issues, and what asset owners can realistically look forward to if they try to broadly use SBOMs.

Matt described the experiment, and then Alex Came on stage to discuss on how Southern Co. is using the results in procurement, risk management, and OT security workflows.

The growing importance of SBOMs in ICS cybersecurity cannot be overstated, as highlighted in a recent DarkReading article that featured their presentation.


Both Matt and Alex underscored the growing need for comprehensive SBOMs to bolster supply chain security and tighten cybersecurity defenses again potential cyberattacks.

The Importance of SBOMs

In their talk, Matt and Alex emphasized how SBOMs are becoming an essential tool in the fight against ICS cyber threats. An SBOM provides a detailed inventory of all components within a software product, making it easier to identify and address vulnerabilities. This is particularly crucial given the increasing complexity of software development and the widespread use of third-party components across all industries, but especially in ICS.

Key Takeaways from the Talk

1. Visibility and Transparency: SBOMs enhance visibility into the software supply chain. By knowing exactly what components are in their software, utilities can better assess their risk and respond to vulnerabilities more effectively.

2. Proactive Security: Rather than reacting to incidents after they occur, SBOMs allow for proactive security measures. This means identifying and mitigating risks before they can be exploited by attackers.

3. Regulatory Compliance: With regulatory bodies increasingly mandating the use of SBOMs, staying ahead of these requirements can give organizations a competitive edge and ensure compliance.

4. Industry Collaboration: Matt and Alex highlighted the importance of collaboration within the industry. By sharing SBOMs and vulnerability information, companies can collectively improve their security posture and protect the broader ecosystem.

Catch our Recap Series

Looking for a deep read into the contents of our S4x24 main-stage presentation? Follow along through our series of blog posts that provide a summary and key takeaways from each section of the presentation: 

Step 1: The Quest For SBOMs And the Legend of the SBOM’d Substation

Embark on the epic quest for SBOMs in a cyber world, where ideal dreams meet the harsh reality of securing digital infrastructures, one SBOM at a time.

Step 2: Into the Thicket: The Inventory Jungle and Beyond

Dive into the Inventory Jungle & Vendor Valley in our SBOM quest—where detective work meets diplomacy in the quest for cyber resilience.

Step 3: Unveiling the SBOM Enigma: Navigating Through Levels 2 to 4

Journey through SBOM quests: from vendor negotiations to deciphering data enigmas, a tale of resilience and cybersecurity triumphs unfolds.

Step 4: Navigating the Labyrinth: From Vulnerability Hoards to Triaging Towers

Dive into our SBOM odyssey: From unmasking vulnerabilities to strategic defenses, discover how we're forging the future of cybersecurity.

Step 5: SBOM Exiting the Game: Key Takeaways and Future Quests

Dive into the finale of our SBOM quest! Key takeaways, future challenges, and a roadmap for cybersecurity in substations. Don't miss out! 

Real-World Implications

The talk also delved into real-world examples of how SBOMs have been used to uncover hidden vulnerabilities in widely-used software. These case studies illustrated the practical benefits of adopting SBOMs, from preventing supply chain attacks to enhancing overall cybersecurity.

Why This Matters

The insights shared in this presentation are crucial for anyone involved in software development or cybersecurity, especially in the ICS sector. As cyber threats continue to evolve, having a clear understanding of your software’s components and their associated risks is more important than ever.

The Quest For SBOMs And the Legend of the SBOM’d Substation: Watch the Full Talk

For those who were unable to attend S4x24 and see Matt and Alex present live, we are excited to announce that the video recording of our CEO's talk is now available. This is an invaluable opportunity to gain deeper insights into the role of SBOMs in cybersecurity and how you can implement these practices within your own organization.


By making this video accessible, we hope to spread awareness and understanding of SBOMs, helping more organizations protect themselves against the ever-growing landscape of cyber threats.

Join us in prioritizing security and making informed decisions about the software you use and develop.