BEGIN:VCALENDAR VERSION:2.0 PRODID:IEEE vTools.Events//EN CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:EST5EDT BEGIN:DAYLIGHT DTSTART:20220313T030000 TZOFFSETFROM:-0500 TZOFFSETTO:-0400 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZNAME:EDT END:DAYLIGHT BEGIN:STANDARD DTSTART:20221106T010000 TZOFFSETFROM:-0400 TZOFFSETTO:-0500 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZNAME:EST END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20220525T041238Z UID:36A552F3-AA53-4FCB-B962-5337B0D10B68 DTSTART;TZID=EST5EDT:20220523T190000 DTEND;TZID=EST5EDT:20220523T200000 DESCRIPTION:This meeting was recorded. You can view the meeting at https:// youtu.be/W1CEtzhTJQ4.\n\nDid you have to deal with the Log4j or Spring4She ll vulnerability? How much time have you spent just tracking down whether your company's software was affected by these problems? Do you even know w hat all of the components are that are included\, either directly or indir ectly\, in your software? How prepared are you for dealing with the next Z ero Day vulnerability?\n\nJoin us for this panel session to discuss the ro le of a [Software Bill of Materials](https://www.cisa.gov/sbom) as part of your software development process.\n\nPanelists include:\n\n- Allan Fried man - Leading CISA's efforts to coordinate SBOM efforts inside and outside the US Government and around the world.\n- L Jean Camp\, IEEE Fellow\, Pr ofessor of Informatics & Computer Science. Center Director\, Security & Pr ivacy in Informatics\, Computing\, & Engineering at Indiana University (SP ICE)\n- Tom Alrich - Co-lead for the National Telecommunications and Infor mation Adminstration's Energy SBOM Proof of Concept. Consultant to electri c power industry clients and vendors to the power industry\, focusing on s upply chain cybersecurity and NERC CIP-013 compliance.\n- Steve Pruskowski - Security Test & Evaluation Federal Lead\, Cybersecurity and Infrastruct ure Security Agency.\n\nThe panel will be moderated by Johnny Johnson\, Ch air of the Richmond IEEE Computer Society\, CISSP (Certified Information S ystems Security Professional) with 24 years of experience working in vario us government agencies including DHS/CISA\, the Department of Defense and the Department of State.\n\nAnyone interested in joining the open\, cross- sector international SBOM effort can email sbom@cisa.dhs.gov\n\nUS Governm ent Websites\n\n- Cybersecurity & Infrastructure Security Agency (CISA) SB OM main page – https://www.cisa.gov/sbom.\n- National Telecommunications and Information Administration (NTIA) SBOM main page – https://www.ntia .doc.gov/SBOM.\n\nSBOM Formats\n\n- SPDX SBOM format: https://spdx.dev/\n- CycloneDX SBOM and VEX formats: https://cyclonedx.org/\n\nLinux Foundatio n\n\n- The State of Software Bill of Materials (SBOM) and Cybersecurity Re adiness - https://www.linuxfoundation.org/tools/the-state-of-software-bill -of-materials-sbom-and-cybersecurity-readiness/\n- Free SBOM Course – ht tps://training.linuxfoundation.org/training/generating-a-software-bill-of- materials-sbom-lfc192/.\n\nVirtual: https://events.vtools.ieee.org/m/31170 2 LOCATION:Virtual: https://events.vtools.ieee.org/m/311702 ORGANIZER:allen.jones@ieee.org SEQUENCE:12 SUMMARY:Cyber Security Panel Session - Software Bill of Materials URL;VALUE=URI:https://events.vtools.ieee.org/m/311702 X-ALT-DESC:Description: <br /><p><strong>This meeting was recorded. You can view the meeting at <a href="https://youtu.be/W1CEtzhTJQ4">https://youtu. be/W1CEtzhTJQ4</a>.</strong></p>\n<p>Did you have to deal with the Log4j o r Spring4Shell vulnerability? How much time have you spent just tracking d own whether your company's software was affected by these problems? Do you even know what all of the components are that are included\, either direc tly or indirectly\, in your software? How prepared are you for dealing wit h the next Zero Day vulnerability?</p>\n<p>Join us for this panel session to discuss the role of a <a href="https://www.cisa.gov/sbom">Software Bill of Materials</a> as part of your software development process.</p>\n<p>Pa nelists include:</p>\n<ul>\n<li>Allan Friedman - Leading CISA's efforts to coordinate SBOM efforts inside and outside the US Government and around t he world.</li>\n<li>L Jean Camp\, IEEE Fellow\, Professor of Informatics & amp\; Computer Science. Center Director\, Security &amp\; Privacy in Infor matics\, Computing\, &amp\; Engineering at Indiana University (SPICE)</li> \n<li>Tom Alrich - Co-lead for the National Telecommunications and Informa tion Adminstration's Energy SBOM Proof of Concept. Consultant to electric power industry clients and vendors to the power industry\, focusing on sup ply chain cybersecurity and NERC CIP-013 compliance.</li>\n<li>Steve Prusk owski - Security Test &amp\; Evaluation Federal Lead\, Cybersecurity and I nfrastructure Security Agency.</li>\n</ul>\n<p>The panel will be moderated by Johnny Johnson\, Chair of the Richmond IEEE Computer Society\, CISSP ( Certified Information Systems Security Professional) with 24 years of expe rience working in various government agencies including DHS/CISA\, the Dep artment of Defense and the Department of State.</p>\n<p>Anyone interested in joining the open\, cross-sector international SBOM effort can email sbo m@cisa.dhs.gov</p>\n<p><strong>US Government Websites</strong></p>\n<ul>\n <li>Cybersecurity &amp\; Infrastructure Security Agency (CISA) SBOM main p age &ndash\; <a href="https://www.cisa.gov/sbom">https://www.cisa.gov/sbom </a>.</li>\n<li>National Telecommunications and Information Administration (NTIA) SBOM main page &ndash\; <a href="https://www.ntia.doc.gov/SBOM">ht tps://www.ntia.doc.gov/SBOM</a>.</li>\n</ul>\n<p><strong>SBOM Formats</str ong></p>\n<ul>\n<li>SPDX SBOM format: <a href="https://spdx.dev/">https:// spdx.dev/</a></li>\n<li>CycloneDX SBOM and VEX formats: <a href="https://c yclonedx.org/">https://cyclonedx.org/</a></li>\n</ul>\n<p><strong>Linux Fo undation</strong></p>\n<ul>\n<li>The State of Software Bill of Materials ( SBOM) and Cybersecurity Readiness - <a href="https://www.linuxfoundation.o rg/tools/the-state-of-software-bill-of-materials-sbom-and-cybersecurity-re adiness/">https://www.linuxfoundation.org/tools/the-state-of-software-bill -of-materials-sbom-and-cybersecurity-readiness/</a></li>\n<li>Free SBOM Co urse &ndash\; <a href="https://training.linuxfoundation.org/training/gener ating-a-software-bill-of-materials-sbom-lfc192/">https://training.linuxfou ndation.org/training/generating-a-software-bill-of-materials-sbom-lfc192/< /a>.</li>\n</ul> END:VEVENT END:VCALENDAR