Ep 116: What is an SBOM & Why Are My Customers Suddenly Asking for One?
Description
With the release of President Biden’s Executive Order 14028 on “Improving the Nation’s Cybersecurity” from May 2021, the US public and private sectors have been alerted to the significant cybersecurity risks within our software supply chain. As of the March 2023 release of the National Cybersecurity Strategy, which will shift liability for software products and services to promote secure development practices, it’s evident that software security needs to be elevated across all organizations.
In this episode, your host John Verry, Pivot Point Security CISO and Managing Partner, sits down with Tim Mackey, Head of Software Supply Chain Risk Strategy at Synopsys, to explore what better software supply chain security means for software development and more.
In this episode, join us as we discuss:
· Defining an SBOM and what it can include depending on stakeholder needs
· The value of SBOMs for both software developers and their clients
· Market drivers for improved software supply chain security
· Software composition analysis and its role in mapping dependencies and identifying vulnerabilities within code
· How the NIST Secure Software Development Framework (SSDF) supports initiatives to improve software supply security
To hear this episode and many more like it, we encourage you to subscribe to the Virtual CISO Podcast. Just search for The Virtual CISO Podcast in your favorite podcast player or watch the Podcast on YouTube here. To stay updated with the newest podcast releases, follow us on LinkedIn here.
More Episodes
In this episode of The Virtual CISO Podcast, your host John Verry is joined by Mike Craig to break down the differences between FedRAMP, TxRAMP, AZRAMP, and StateRAMP. Together, they discuss: How the Naoris Protocol establishes decentralized trust for compute endpoints. Key distinctions between...
Published 10/17/24
In this episode of The Virtual CISO Podcast, your host, John Verry, sits down with David Carvalho, a cryptography and cybersecurity expert with over 25 years of experience, to explore the next frontier in cybersecurity: decentralized security models and post-quantum cryptography. How the Naoris...
Published 09/23/24