In 2023, there were a number of new cybersecurity regulations introduced in the U.S. and the EU designed to protect organizations' digital assets. But it can be tricky to make sense of all these regulations and ensure you remain in compliance going into 2024. Not to mention the potential for even more regulations this year.

In this Techstrong Learning Experience, Lynn Westfall, software supply chain expert & consultant and Alex Rybak, senior director of product management at Revenera, will break down the multitude of updates to these various cybersecurity regulations and help you cut through the red tape. Westfall and Rybak will discuss the ins and outs of these mandates, explain how we got here, where we are today and what to expect and plan for in the near-term.

Join us as these experts discuss:

• What prompted all of this, and why?
• US Cyber EO / EU CRA updates (SBOMs & software attestations)
• Latest SEC cyber regulations (8-Ks and 10-Ks)
• Latest FDA cybersecurity regulations
• Quality metrics
• How to get started?
• What’s next?

Key Takeaways:

• Engage with the community (CISA, CycloneDX, SPDX, SLSA, OpenSSF)
• Work with your OSPO for policy refresh, training and responsibility/accountability discussions
• Start constructing SBOMs
• Agree on a format, cadence, and level of content, coverage and context; integrate into CI/CD
• Work with procurement regarding requesting SBOMs; agree on process once you receive them