Reducing Risk
A Software Bill of Materials Is Critical for Comprehensive Risk Management
Author(s):
Dr. Georgianna Shea, Chief Technologist for Center on Cyber and Technology Innovation and TCIL, The Foundation for Defense of Democracies
Executive Summary
Very little software is entirely original. Software developers use existing, open-source, and commercially available software components to create new products. On average, 75 percent of a software product is open-source code, according to the 2021 Open-Source Security and Risk Analysis Report. This presents a cyber-risk management problem. The customer cannot effectively manage assets …
Dr. Georgianna “George” Shea serves as Chief Technologist for FDD’s Center on Cyber and Technology Innovation and TCIL. In that role, she identifies cyber vulnerabilities in the U.S. government and private sector, devising pilot projects to demonstrate feasible technology and non-tech solutions that, if scaled, could move the needle in defending U.S. prosperity, security, and innovation.