InSecurity Podcast: Chris Blask and Fred Cohen on DBOM and the Record of Everything

“Nothing you are about to hear is true, but it all happened…” ~ Fred Cohen, 11th May, 2020

What happens when two legends of the security industry get together for a chat about everything? Well, first you can throw the carefully created discussion outline right out the window because there is no way anyone can corral these two into talking about a few specific topics. The best you can hope for is that they agree to come back and do it again, because there’s just too much ground to cover and not nearly enough time to get into all of it in a single episode.

Let’s just say that we set out to have a discussion on creating a way to catalog all of the things that go into making things today in a single Digital Bill of Materials. That catalog would also include where those things were made, what they were made of, and how they arrived from their place of origin. See where we’re going with this? It’s a bit like a fractal version of the periodic table of elements for everything produced today.

On this episode of the InSecurity Podcast, Matt Stephenson did his best to stay out of the way in a freewheeling jam session with Dr. Fred Cohen and Chris Blask. The best way to describe their chat is that it was like trying to chase mercury. The conversation centered around the creation of a Digital Bill of Materials (DBoM) for pretty much everything and the positive effect it would have on security and beyond. Check it out…

About Chris Blask

Chris Blask’s (@chrisblask) career has spanned the breadth of the cybersecurity industry for more than 25 years.

He invented one of the first commercial firewall products, built a multi-billion dollar firewall business at Cisco, co-founded an early SIEM vendor and co-authored the first book on SIEM, founded an information-sharing center for critical infrastructure, and has advised public and private organizations in every sector around the world.

In his role within the Office of Innovation at Unisys, Chris created and leads the Operational Technology and IoT practices, conceived the Digital Bill of Materials (DBoM) structure, and established the Unisys Marine Living Research Center. Today he chairs a range of non-profit cybersecurity organizations and contributes to a wide range of global security efforts.

About Fred Cohen, Ph.D.

Dr. Fred Cohen (@fc0) is widely considered to be one of the leading security/risk experts in the world. He is best known as the person who first coined the term “computer virus” and conceived the most widely used computer virus defense techniques.

Dr. Cohen was also the principal investigator whose team defined information assurance as it relates to critical infrastructure, did seminal research in the use of deception for information protection, is a pioneer in the science of digital forensic examination, and is a leading information protection consultant and analyst.

He has authored over 200 published research articles, authored several books, and established Master’s and Ph.D. security programs at Webster University. In 2002 Dr. Cohen received the Techno-Security Industry Professional of the Year award, and in 2009 he was named the “most famous hacker of all time” by ABC News.

About Matt Stephenson

InSecurity host Matt Stephenson (@packmatt73) leads the broadcast media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity Podcast and video series at events around the globe.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.