Managing IoT Supply Chain Risk with Dick Brooks (Business Cyber Guardian)

Join us in Cambridge on November 13th for a lunch time Security of Things MeetUp, hosted by ReversingLabs. We'll enjoy pizza (and salad), networking, socializing and hear a presentation on strategies for managing the supply chain risk in smart (IoT) devices.

Our guest speaker will be Dick Brooks (LinkedIn), the co-founder and Lead Software Engineer at Business Cyber Guardian™ (BCG) a Westfield based firm that makes software to help firms manage their Cyber Risk Management best practices and detect cyber risks, such as CISA Known Exploitable Vulnerabilities (KEVs) lurking in their software supply chains.

Dick will speak to us about strategies for operationalizing and sticking to CISA "Secure by Design" principles and practices following the August 1, 2024 release of the CISA Software Acquisition Guide best practices resulting in a "Trust Score" (SAGScore).

Dick has a long history in information security, with a focus on supply chain risk. He spent 14 years as the Principal Systems Architect at ISO New England before launching Business Cyber Guardian in 2018. He also currently serves on the Critical Manufacturing Sector Coordinating Council where he provides critical infrastructure operators with best practice protections in software supply chain Cybersecurity Risk Management (C-SCRM). At our MeetUp Dick will connect his expertise in SCRM and in-depth knowledge of both NIST and CISA guidance for assessing software supply chain risks with the challenges and risks posed by smart, connected devices. That will include how to leverage resources like CISA’s Software Acquisition Guide with regard to embedded and IoT devices and the possibility of developing a software product “Trust Registry” as envisioned by the proposed IETF SCITT architecture. We look forward to seeing you there!