Mike Sanchez Of United Data Technologies On SBOMs; What They Are, What They Are Not, And How Organizations Can Use Them To Make Us More Secure

Cyber attacks on products, devices, vehicles and critical infrastructure are on the rise. One of the tools that can be used to identify cyber threats is the SBOM, or Software Bill of Materials. How exactly can SBOMs be used to keep products more secure? What are their limitations? Why and how should a manufacturer or business use them?
  1. Hard Work Ethic — I was exposed to it early on, but really understood how important it was when I served in the Marine Corps. Your character as a leader is continuously tested in that environment. If you’re not willing to work hard and do as much as or more than what you’re asking of the Marines assigned to you, no one will follow you anywhere.
  2. Integrity — Always deliver what you promise. It must guide your efforts in your business and your personal life. Not having integrity in everything you do will make life exceptionally hard and stressful.
  3. Never ever stop learning — No matter your position, you can never stop learning and gaining valuable experience, which contributes to having confidence in your work and your opinion. An attack that leaves one of our clients unable to operate will quickly turn me from hero to zero in the blink of an eye. Because of this, I’m always trying to learn what types of techniques and tactics are being used, the challenges our clients deal with and what other things we need to do to improve our services.

  1. Cybersecurity is now very much a board level item. That wasn’t necessarily the case 7 to 10 years ago.
  2. The spending on cybersecurity has grown exponentially. Organizations allocate about 10% of their IT budget for cybersecurity services and solutions. This was unheard of 10 years ago when it was approximately 3 to 5% of an organization’s IT budget.
  3. The CISO position has evolved and become more important to the organization. This position practically didn’t exist 5 to 10 years ago.
  4. Cybersecurity issues have evolved into a business focus issue instead of merely a technology focus.
  5. In terms of trends, AI applications will help us develop solutions that are able to detect and respond to attacks faster. However, AI applications like ChatGPT probably pose the biggest threat. AI applications like ChatGPT can now be leveraged to develop sophisticated bots with malware to specifically exploit vulnerabilities of an application or in networks in half the time. The amount of intelligence hackers can gain prior to attacking an organization now takes seconds instead of hours compiling intelligence from different data sources. It’s also extremely fast in creating custom-made email messages attackers can then utilize during email phishing campaigns. So it’s early in the ballgame, so to speak, but AI capabilities are definitely outpacing our ability to react accordingly.

  • SBOMs are complicated to produce. Not true. There are applications that can help automate their development and inclusion within each application.
  • Only developers should have access to SBOMs. SBOMs should be shared across other business stakeholders including legal, risk and compliance departments, Chief Information and Security Officers and IT operations.
  • Much like the first point, some people think SBOMs are only relevant to enterprise-level organizations. However, SBOMs are extremely important for any organization of any size that develops its own proprietary applications, leverages open-source libraries as a component of its applications, or utilizes data sources or components from a third-party organization.

  • Organizations fail to keep the SBOM up to date with the latest information.
  • Organizations lose the resources who originally developed the SBOM and were responsible for updating it.
  • Establishing a standard to follow which incorporates minimum requirements. This helps avoid different groups developing SBOMs based on different formats, which then become hard to understand or evaluate.
  • Centralize processes like SBOM management, evaluating and approving changes, and/or updating the SBOM itself, including when changes can be applied and how these changes are communicated.

  1. Identify an individual responsible for managing and keeping track of SBOMs and related applications. Even if different departments may contribute to the technical components of an application, SBOM management should be a centralized function.
  2. Employ and adopt one of the frameworks. There are a few that are widely used, such as NIST and ISO, or ones available through an open standard format like SPDX or CycloneDX. Ensure its adoption and use through periodic reviews with different stakeholders. Consider incorporating metrics that measure the number of changes made to SBOMs per application.
  3. Make an inventory of all applications and utilize an automated tool that identifies existing SBOMs. Review the results of these scans with stakeholders and identify gaps between existing documentation and results from scans. Repeatedly use the tool to validate mitigation efforts identified during periodic reviews to ensure fixes are applied.
  4. During the periodic reviews, include members from development, IT, risk management, HR and other teams which oversee application development to confirm SBOMs are embedded within software development lifecycle processes.
  5. Ensure vulnerability scans are being performed per internal vulnerability management policies. Prioritize mitigation efforts depending on the severity of the vulnerability and the overall importance of the application to the organization. Track that mitigation efforts are being completed in accordance with internal vulnerability management policies.
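The checks that steps 3 and 5 call for, and the "keep the SBOM up to date" failure listed earlier, can be made mechanical once the SBOM is in a standard format. The following is an added example, not code from UDT or from the CycloneDX project: it reads a constructed SBOM in CycloneDX JSON shape, validates each component against an assumed minimum-field policy (loosely modelled on the NTIA minimum elements), flags the document as stale past an assumed 90-day cadence, matches components against a constructed advisory list with placeholder identifiers, and ranks the findings by severity weighted by how critical the application is. All component names, versions, advisory ids and the review date are made up for the example.

```python
"""Review a CycloneDX-style SBOM: minimum fields, freshness, known-vulnerable components, priority.
Added example with constructed data; not UDT's tooling and not a CycloneDX project utility."""
import json
from datetime import datetime, timezone

# Constructed sample SBOM in CycloneDX JSON shape (real format, made-up components).
SAMPLE_SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "metadata": {
    "timestamp": "2023-01-15T10:00:00Z",
    "component": {"type": "application", "name": "example-billing-portal", "version": "3.2.0"}
  },
  "components": [
    {"type": "library", "name": "example-json-parser", "version": "2.4.1",
     "purl": "pkg:pypi/example-json-parser@2.4.1", "supplier": {"name": "Example Vendor A"}},
    {"type": "library", "name": "example-http-client", "version": "1.0.3",
     "purl": "pkg:pypi/example-http-client@1.0.3", "supplier": {"name": "Example Vendor B"}},
    {"type": "library", "name": "example-logging", "version": "5.1.0"},
    {"type": "library", "name": "example-crypto", "version": "0.9.0",
     "purl": "pkg:pypi/example-crypto@0.9.0", "supplier": {"name": "Example Vendor C"}}
  ]
}
"""

# Constructed advisory list; ids and severities are placeholders, not real CVEs.
SAMPLE_ADVISORIES = [
    {"id": "ADV-EXAMPLE-0001", "name": "example-json-parser", "versions": ["2.4.0", "2.4.1"], "severity": "critical"},
    {"id": "ADV-EXAMPLE-0002", "name": "example-http-client", "versions": ["1.0.3"], "severity": "medium"},
    {"id": "ADV-EXAMPLE-0003", "name": "example-crypto", "versions": ["0.8.0"], "severity": "high"},
]

# Assumed policy values: per-component minimum fields (after the NTIA minimum elements:
# supplier, name, version, unique identifier), severity ranks, application weights, cadence.
REQUIRED_COMPONENT_FIELDS = ("name", "version", "purl", "supplier")
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}
APP_CRITICALITY_WEIGHT = {"high": 3, "medium": 2, "low": 1}
MAX_SBOM_AGE_DAYS = 90


def load_sbom(text):
    """Parse the JSON and refuse anything that is not declared as CycloneDX."""
    sbom = json.loads(text)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX SBOM")
    return sbom


def check_minimum_fields(sbom):
    """Return (component name, missing field) pairs against REQUIRED_COMPONENT_FIELDS."""
    gaps = []
    for comp in sbom.get("components", []):
        for field in REQUIRED_COMPONENT_FIELDS:
            if not comp.get(field):
                gaps.append((comp.get("name", "<unnamed>"), field))
    return gaps


def sbom_age_days(sbom, now):
    """Whole days from metadata.timestamp to the review date `now` (timezone-aware)."""
    stamp = sbom["metadata"]["timestamp"].replace("Z", "+00:00")
    return (now - datetime.fromisoformat(stamp)).days


def find_vulnerable_components(sbom, advisories):
    """Match components to advisories on exact name and version."""
    findings = []
    for comp in sbom.get("components", []):
        for adv in advisories:
            if comp.get("name") == adv["name"] and comp.get("version") in adv["versions"]:
                findings.append({"component": comp["name"], "version": comp["version"],
                                 "advisory": adv["id"], "severity": adv["severity"]})
    return findings


def prioritize(findings, app_criticality):
    """Score = severity rank x application weight; highest score first."""
    weight = APP_CRITICALITY_WEIGHT[app_criticality]
    ranked = [dict(f, score=SEVERITY_RANK[f["severity"]] * weight) for f in findings]
    return sorted(ranked, key=lambda f: f["score"], reverse=True)


def evaluate_sbom(text, advisories, app_criticality, now):
    """Build the summary a periodic stakeholder review would walk through."""
    sbom = load_sbom(text)
    age = sbom_age_days(sbom, now)
    return {
        "application": sbom["metadata"]["component"]["name"],
        "age_days": age,
        "stale": age > MAX_SBOM_AGE_DAYS,
        "missing_fields": check_minimum_fields(sbom),
        "findings": prioritize(find_vulnerable_components(sbom, advisories), app_criticality),
    }


def demo_report():
    """Run the review on the constructed inputs with an assumed review date."""
    review_date = datetime(2023, 6, 1, 10, 0, tzinfo=timezone.utc)  # constructed
    return evaluate_sbom(SAMPLE_SBOM_JSON, SAMPLE_ADVISORIES, "high", review_date)


if __name__ == "__main__":
    print(json.dumps(demo_report(), indent=2))
```

On the constructed data the report marks the SBOM stale (137 days old against a 90-day cadence), lists the two fields the unsourced logging component lacks, and ranks the critical parser advisory above the medium HTTP-client one; the crypto library is not flagged because only an older version is listed as affected, which is exactly the version-exact matching a real scan would need to get right. Exact name-and-version matching is deliberately conservative; a production tool would match on purl and version ranges.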
