How should asset owners approach SBOM?

What should OT cybersecurity regulation look like? 

On this episode of the IoT: The Internet of Threats podcast, we met with ICS thought leader Dale Peterson and explored the beginnings of Dale's influential S4 ICS annual conference and the addition of this year's SBOM Challenge (in which Finite State will take part).   

We also discussed the future of ICS cybersecurity, the role the SBOM will play, how manufacturers and asset owners can best derive value from the SBOM, and Dale's insights into what makes for an effective ICS patching strategy that won’t break the bank.

Check out the discussion on this latest episode of IoT: The Internet of Threats podcast. 

In this episode, host Eric Greenwald and Dale discuss:

  • The genesis of the S4 ICS Security Event: How and why Dale created one of the world's largest and most influential ICS cybersecurity conferences 

  • Dale's insights into what the future of ICS cybersecurity holds and the role that the SBOM will play

  • How manufacturers and asset owners can best derive information and value from the SBOM (and the business models that will support and fund their continued development and improvement)

  • What constitutes an effective and efficient ICS patching strategy

  • Regulation methodology: cyber hygiene-style vs. risk-based regulations

S4, SBOM, and How It All Came to Be

11842-LinkedInQuoteGraphic_ICSSecurity_Quote1_v1

What's the purpose behind S4's SBOM Challenge this year? How does this contest - which pits various competing SBOM offerings against one another - support the event's increasingly sharp focus on its "Create the Future" theme?  

On this episode of the IoT: The Internet of Threats podcast, Dale Peterson, ICS Cybersecurity Catalyst and Founder of S4 Events, explains the genesis of the SBOM Challenge and the insights it will provide to the ICS cybersecurity community. 

You've Got an SBOM! Now What?

11842-LinkedInQuoteGraphic_ICSSecurity_Quote2_v1

After you generate an SBOM, what you do with it determines whether the resources you've invested actually improve your security or become another check-the-box exercise (and merely a piece of “cybersecurity theater”). 

How do people in the know derive value from the SBOM and the solutions that integrate this tool? What is the SBOM's lasting value to the cybersecurity practitioners who look to the tool to bolster the security of their IoT and OT ecosystems? How does the asset owner use case differ from how manufacturers use SBOM?

Hear Dale Peterson, ICS Cybersecurity Catalyst and Founder of S4 Events, explain the value of the SBOM in OT environments and explore the best ways to use SBOM so that you get full value from this increasingly critical tool.

Guest Details

Dale Peterson is the Founder and CEO of Digital Bond, Inc. and S4 Events. Prior to founding Digital Bond in 1998, Dale held a variety of positions in security. Dale started his career as a cryptanalyst with the NSA (National Security Agency) in 1984. He holds a B.S. in Finance from the University of Illinois Urbana-Champaign. 

Episode Links

All episodes of Finite State’s “The Internet of Threats” podcast can be heard on Spotify, Apple Podcasts, and Google Podcasts.

Listen to this episode in its entirety below!