Accessibility Statement Skip Navigation
  • Why PRWeb
  • How It Works
  • Who Uses It
  • Pricing
  • Login
  • GDPR
  • Create a Free Account
Return to PRWeb homepage
  • News
  • Resources
  • Contact
When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All News Releases
      • Multimedia Gallery

      • All Multimedia
      • All Photos
      • All Videos
  • Business & Money
      • Auto & Transportation

      • Aerospace, Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads and Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking and Road Transportation
      • View All Auto & Transportation

      • Business Technology

      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • View All Business Technology

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Financial Services & Investing

      • Accounting News & Issues
      • Acquisitions, Mergers and Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalization
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • View All Financial Services & Investing

      • General Business

      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls and Research
      • Trade Show News
      • View All General Business

  • Science & Tech
      • Consumer Technology

      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • View All Consumer Technology

      • Energy & Natural Resources

      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil and Gas Discoveries
      • Utilities
      • Water Utilities
      • View All Energy & Natural Resources

      • Environ­ment

      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • Aerospace & Defense
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation and Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking and Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • Carriers and Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • Animals & Pets
      • Beers, Wines and Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics and Personal Care
      • Fashion
      • Food & Beverages
      • Furniture and Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewelry
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • View All Entertain­ment & Media

      • Health

      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • View All Health

      • Sports

      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • View All Sports

      • Travel

      • Amusement Parks and Tourist Attractions
      • Gambling & Casinos
      • Hotels and Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • Advocacy Group Opinion
      • Animal Welfare
      • Congressional & Presidential Campaigns
      • Corporate Social Responsibility
      • Domestic Policy
      • Economic News, Trends, Analysis
      • Education
      • Environmental
      • European Government
      • FDA Approval
      • Federal and State Legislation
      • Federal Executive Branch & Agency
      • Foreign Policy & International Affairs
      • Homeland Security
      • Labor & Union
      • Legal Issues
      • Natural Disasters
      • Not For Profit
      • Patent Law
      • Public Safety
      • Trade Policy
      • U.S. State Policy
      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • View All People & Culture

  • Hamburger menu
  • Cision PRWeb provides efficient communication tools to continuously engage with target audiences across multiple online channels
  • Create a Free Account
    • ALL CONTACT INFO
    • Contact Us


      11AM ET Sunday – 8PM ET Friday

  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • News in Focus
    • Browse All News
    • Multimedia Gallery
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR
  • Send a Release
  • Sign up
  • Log in
  • Resources
  • RSS
  • GDPR

The Government's Software Bill of Materials (SBOM) Mandate Is Part of a Bigger Cybersecurity Picture


News provided by

Eracent

Mar 13, 2023, 09:50 ET

Share this article

Share toX

Share this article

Share toX


Cybersecurity attacks have become all too commonplace in the government and private sectors. A recent presidential executive order seeks to minimize the persistent cyber threats to national security by mandating that all software developers that contract with the Federal Government provide a Software Bill of Materials (SBOM). Walt Szablowski, Founder and Executive Chairman of Eracent, cautions all software users that maximizing the benefits of SBOMs requires Supply Chain Risk Management that uses a consolidated and proactive approach to mitigating software vulnerabilities.

RIEGELSVILLE, Pa., March 13, 2023 /PRNewswire-PRWeb/ -- The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021.(1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027.(2) To support the nation's critical infrastructure and Federal Government networks, the White House issued Executive Order 14028, "Improving the Nation's Cybersecurity" in May 2021.(3) The EO defines the security measures that must be followed by any software publisher or developer that does business with the Federal Government. One of these measures requires all software developers to provide a Software Bill of Materials (SBOM), a complete inventory list of components and libraries that comprise a software application. Walt Szablowski, Founder and Executive Chairman of Eracent, which has provided complete visibility into its large enterprise clients' networks for over two decades, observes, "SBOMs are meaningless unless they are part of a larger strategy that identifies risks and vulnerabilities across the software supply chain management system."

The National Telecommunications and Information Administration (NTIA) defines a Software Bill of Materials as "a complete, formally structured list of components, libraries, and modules that are required to build a given piece of software and the supply chain relationships between them."(4) The U.S. is especially vulnerable to cyberattacks because much of its infrastructure is controlled by private companies who may not be equipped with the level of security necessary to thwart an attack.(5) The key benefit of SBOMs is that they enable organizations to identify whether any of the components that make up a software application may have a vulnerability that can create a security risk.

SBOMs are meaningless unless they are part of a larger strategy that identifies risks and vulnerabilities across the software supply chain management system.

Post this

While U.S. government agencies will be mandated to adopt SBOMs, commercial companies would clearly benefit from this extra level of security. As of 2022, the average cost of a data breach in the U.S. is $9.44 million, with a global average of $4.35 million.(6) According to a Government Accountability Office (GAO) report, the Federal Government runs three legacy technology systems dating back five decades. The GAO warned that these outdated systems increase security vulnerabilities and frequently run on hardware and software that is no longer supported.(7)

Szablowski explains, "There are two key aspects that every organization will have to address when using SBOMs. First, they must have a tool that can quickly read all of the details in an SBOM, match the results to known vulnerability data, and provide heads-up reporting. Second, they must be able to establish an automated, proactive process to stay on top of SBOM-related activity and all of the unique mitigation options and processes for each component or software application."

Eracent's cutting-edge Intelligent Cybersecurity Platform (ICSP)™ Cyber Supply Chain Risk Management™ (C-SCRM) module is unique in that it supports both of these aspects to provide an additional, critical level of protection to minimize software-based security risks. This is essential when initiating a proactive, automated SBOM program. The ICSP C-SCRM offers comprehensive protection with instant visibility to mitigate any component-level vulnerabilities. It recognizes obsolete components that can also increase security risk. The process automatically reads the itemized details within the SBOM and matches each listed component to the most up-to-date vulnerability data using Eracent's IT-Pedia® IT Product Data Library — a single, authoritative source for essential data concerning millions of IT hardware and software products."

A vast majority of commercial and custom applications contain open-source code. Standard vulnerability analysis tools do not scrutinize individual open-source components within applications. However, any one of these components may contain vulnerabilities or obsolete components, increasing software susceptibility to cybersecurity breaches. Szablowski notes, "Most tools let you create or analyze SBOMs, but they are not taking a consolidated, proactive management approach — structure, automation, and reporting. Companies need to understand the risks that may exist in the software they use, whether open-source or proprietary. And software publishers need to understand the potential risks inherent in the products they offer. Organizations need to fortify their cybersecurity with the enhanced level of protection Eracent's ICSP C-SCRM system delivers."

About Eracent

Walt Szablowski is the Founder and Executive Chairman of Eracent and serves as Chair of Eracent's subsidiaries (Eracent SP ZOO, Warsaw, Poland; Eracent Private LTD in Bangalore, India; and Eracent Brazil). Eracent helps its customers meet the challenges of managing IT network assets, software licenses, and cybersecurity in today's complex and evolving IT environments. Eracent's enterprise clients save significantly on their annual software spend, reduce their audit and security risks, and establish more efficient asset management processes. Eracent's client base includes some of the world's largest corporate and government networks and IT environments — the USPS, VISA, US Airforce, British Ministry of Defense — and dozens of Fortune 500 companies rely on Eracent solutions to manage and protect their networks. Visit https://eracent.com/. 

References:
1) Venkat, A. (2023, January 4). Cyberattacks against governments jumped 95% in last half of 2022, Cloudsek says. CSO Online. Retrieved February 23, 2023, from csoonline.com/article/3684668/cyberattacks-against-governments-jumped-95-in-last-half-of-2022-cloudsek says.html#:~:text=The%20number%20of%20attacks%20targeting,AI%2Dbased%20cybersecurity%20company%20CloudSek
2) Fleck, A., Richter, F. (2022, December 2). Infographic: Cybercrime expected to skyrocket in coming years. Statista Infographics. Retrieved February 23, 2023, from statista.com/chart/28878/expected-cost-of-cybercrime-until-2027/#:~:text=According%20to%20estimates%20from%20Statista's,to%20%2423.84%20trillion%20by%202027
3) Executive order on improving the nation's cybersecurity. Cybersecurity and Infrastructure Security Agency CISA. (n.d.). Retrieved February 23, 2023, from cisa.gov/executive-order-improving-nations-cybersecurity
4) The Linux Foundation. (2022, September 13). What is an SBOM? Linux Foundation. Retrieved February 23, 2023, from linuxfoundation.org/blog/blog/what-is-an-sbom
5) Christofaro, B. (n.d.). Cyberattacks are the newest frontier of war and can strike harder than a natural disaster. here's why the US could struggle to cope if it got hit. Business Insider. Retrieved February 23, 2023, from businessinsider.com/cyber-attack-us-struggle-taken-offline-power-grid-2019-4
6) Published by Ani Petrosyan, 4, S. (2022, September 4). Cost of a data breach in the U.S. 2022. Statista. Retrieved February 23, 2023, from statista.com/statistics/273575/us-average-cost-incurred-by-a-data-breach/
7) Malone, K. (2021, April 30). Federal government is running 50-year-old technology - with no updates planned. CIO Dive. Retrieved February 23, 2023, from ciodive.com/news/GAO-federal-legacy-tech-security-red-hat/599375/

Media Contact

Karla Jo Helms, JOTO PR™, 727-777-4619, [email protected]

Twitter

SOURCE Eracent

Modal title

Contact PRWeb

  • 11AM ET Sunday – 8PM ET Friday
  • Contact Us

About PRWeb

  • About PRWeb
  • Partners
  • Partnership Programs
  • Editorial Guidelines
  • Resources

Why PRWeb

  • Why PRWeb
  • How It Works
  • Who Uses It
  • Pricing

Accounts

  • Create a Free Account
  • Log in
  • Contact Us

Do not sell or share my personal information:

  • Submit via [email protected] 
  • Call Privacy toll-free: 877-297-8921

Contact Cision

Products

About

My Services
  • All News Releases
  • Online Member Center
  • ProfNet
Cision Distribution Helpline
888-776-0942
  • Legal
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2025 Cision US Inc.