Untangling the web of supply chain security with Tony Turner
2023-06-19 02:30

Decades ago, Tony Turner, CEO of Opswright and author of Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, faced an SQL Slammer worm.

During his 25-year career in supply chain security and product security, he became an expert in engineering, security, and product design, and he even served as the VP of R&D at Fortress.

Manufacturers' ability to secure products is directly influenced by the security measures of the entire supply chain.

"I think most organizations know that they need to do something about supply chain security but they don't necessarily know what that means," Tony Turner said on the Left to Our Own Devices podcast.

The security of the product supply chain and third-party vendors has evolved beyond facility assessment, intellectual property tracing, and data security work.

Tony continued, "Looking at the software side of supply chain management, it's much bigger than just SBOMs alone. When you speak to some of the smaller vendors, they don't even know what an SBOM is - and they're not required by law yet," said Tony. "At the same time, we've heard from some very big manufacturers that they're already requiring that any component they receive comes with an SBOM."

Even with the growing awareness of SBOMs, software supply chains are still far from holistic, and effective implementation is needed.


News URL

https://www.helpnetsecurity.com/2023/06/19/supply-chain-security-tony-turner-podcast/