BROADCASTS.com

We\u2019re excited to welcome back Derek Weeks, recognized as the world\u2019s foremost researcher on the topic of DevSecOps and securing software supply chains, to the podcast! Derek shares insights on just how little has changed relative to securing software supply chains and using SBOMs in the two years since we last caught up with him. For those new to SBOMs, they are like the nutritional label on a cereal box except for open source software (OSS). We're we\u2019re seeing astronomical growth in organizations\u2019 use of OSS to the tune of 3+ trillion downloads in 2023. And even with events such as Log4j within the last year, we still haven\u2019t had the cataclysmic event to act as a forcing function for more organizations to embrace SBOMs. This has opened the door for the U.S. Government to bring to the table the Securing Open Source Software Act of 2022. Derek also shares perspective on the importance of automation, accountability for supply chain security, investment range for industry to improve the security of code the next two years, and today\u2019s realities for those buying cyber insurance.

Derek Weeks, Cybersecurity Advocate

Derek E. Weeks is the world\u2019s foremost researcher on the topic of DevSecOps and securing software supply chains. For the past seven years, he has championed the research of the annual State of the Software Supply Chain Report and the DevSecOps Community Survey. Derek is also the co-founder of All Day DevOps, an online community of 95,000 IT professionals. In 2018, Derek was recognized by DevOps.com as the \u201cBest DevOps Evangelist\u201d for his work in the community.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e204