Daniel Bardenstein: Transparency and Trust With SBOM

About Daniel Bardenstein: Daniel Bardenstein is the driving force behind Manifest, a pioneering software supply chain company revolutionizing how organizations manage SBOM lifecycles. As CTO and co-founder, he empowers enterprises to automate and streamline their processes. Daniel's remarkable journey includes pivotal roles such as Chief of Tech Strategy at CISA, where he orchestrated technology modernization and shaped critical cyber strategies. Notably, he spearheaded cybersecurity initiatives across the Department of Defense, safeguarding vital assets including COVID-19 vaccines. His expertise extends beyond tech, as he co-presides over Foresight Partners, providing essential cybersecurity aid to political campaigns. In this episode, Aaron and Daniel Bardenstein discuss:The importance of software bill of materials (SBOMs) in OT securityLeveraging SBOMs, VEX, and contextual data in OTTransforming compliance checkboxes into actionable data insightsExploring the shifting burden of cybersecurityKey Takeaways:SBOM is crucial for both IT and OT sectors, especially in OT where equipment longevity and reliability are paramount, enabling asset owners to proactively understand, manage, and respond to the intricate software dependencies, vulnerabilities, and risks within their critical systems, thereby enhancing security and operational continuity.In the realm of OT and cybersecurity, embracing transparency through SBOMs, automating vulnerability data exchange (VEX), and utilizing contextual information can empower organizations to make well-informed decisions to safeguard their critical systems and maximize their cybersecurity efforts.Harnessing the power of SBOMs as a transformative data asset, rather than a mere compliance checkbox, enables businesses to proactively manage vulnerabilities, enhance security, and streamline operations through informed decision-making and targeted action.The shift towards proactive security through comprehensive asset management and transparency in the software supply chain promises a safer future, while the looming concern of cyberattacks transcending into the physical realm necessitates urgent preparation and action. "Asset owners should feel fully empowered to push the responsibility for transparency onto their vendors. You buy cereal at the grocery store with no ingredients, well, you have to tell us what's in Raisin Bran and tell us if there's anything poisonous in it, right? It should be the responsibility of your vendors to tell you what's in the stuff that you're going to buy from them." — Daniel Bardenstein Connect with Daniel Bardenstein:  Website: www.manifestcyber.comLinkedIn: https://www.linkedin.com/company/manifestcyber/ and https://www.linkedin.com/in/bardenstein/Twitter: https://twitter.com/manifestcyber and https://twitter.com/bardensteinConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.