Daniel Bardenstein: Transparency and Trust With SBOM

The PrOTect OT Cybersecurity Podcast

About Daniel Bardenstein: Daniel Bardenstein is the driving force behind Manifest, a pioneering software supply chain company revolutionizing how organizations manage SBOM lifecycles. As CTO and co-founder, he empowers enterprises to automate and streamline their processes. Daniel's remarkable journey includes pivotal roles such as Chief of Tech Strategy at CISA, where he orchestrated technology modernization and shaped critical cyber strategies. Notably, he spearheaded cybersecurity initiatives across the Department of Defense, safeguarding vital assets including COVID-19 vaccines. His expertise extends beyond tech, as he co-presides over Foresight Partners, providing essential cybersecurity aid to political campaigns. 

In this episode, Aaron and Daniel Bardenstein discuss:

  • The importance of software bills of materials (SBOMs) in OT security
  • Leveraging SBOMs, VEX, and contextual data in OT
  • Transforming compliance checkboxes into actionable data insights
  • Exploring the shifting burden of cybersecurity

Key Takeaways:

  • SBOMs are crucial for both the IT and OT sectors, especially in OT, where equipment longevity and reliability are paramount. They enable asset owners to proactively understand, manage, and respond to the intricate software dependencies, vulnerabilities, and risks within their critical systems, thereby enhancing security and operational continuity.
  • In the realm of OT and cybersecurity, embracing transparency through SBOMs, automating vulnerability data exchange (VEX), and utilizing contextual information can empower organizations to make well-informed decisions to safeguard their critical systems and maximize their cybersecurity efforts.
  • Harnessing the power of SBOMs as a transformative data asset, rather than a mere compliance checkbox, enables businesses to proactively manage vulnerabilities, enhance security, and streamline operations through informed decision-making and targeted action.
  • The shift towards proactive security through comprehensive asset management and transparency in the software supply chain promises a safer future, while the looming concern of cyberattacks transcending into the physical realm necessitates urgent preparation and action.

"Asset owners should feel fully empowered to push the responsibility for transparency onto their vendors. You buy cereal at the grocery store with no ingredients, well, you have to tell us what's in Raisin Bran and tell us if there's anything poisonous in it, right? It should be the responsibility of your vendors to tell you what's in the stuff that you're going to buy from them." — Daniel Bardenstein

Connect with Daniel Bardenstein: 

Website: www.manifestcyber.com

LinkedIn: https://www.linkedin.com/company/manifestcyber/ and https://www.linkedin.com/in/bardenstein/

Twitter: https://twitter.com/manifestcyber and https://twitter.com/bardenstein

Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120
