TRENDING:

Application Security , Next-Generation Technologies & Secure Development , Video

Why SBOMs Matter for Application Security

Philips Director Mishra on Needs, Challenges and Way Ahead for Software Developers Rashmi Ramesh (rashmiramesh_) • May 30, 2023    
Minatee Mishra, director of product security, Philips

The way companies develop applications has changed over the years, and open-source technologies have replaced a significant portion of in-house components.

See Also: Security Pros and Cons on Different Cloud Types: SANS Analysis

Supply chain is critical for application security, because 80% to 90% of applications rely on open-source software or third parties, said Minatee Mishra, director of product security at Philips. It is easy for a hacker to inject vulnerabilities into open-source components and compromise any software they want, she said.

"That's where we see a need for the software bill of materials," Mishra said. "The concept is not new. If you buy a food product, you'll see the list of ingredients that says what actually goes into your product. When we have so many outside components contributing to the development of applications, we really need to know what's in there to be able to track if there is a vulnerability and manage that vulnerability."

In this video interview conducted at Information Security Media Group's Bengaluru Cybersecurity Summit, Mishra also discussed:

  • Global regulations for SBOMs;
  • Implementation challenges in software development;
  • The way ahead for application security.

Mishra has more than two decades of experience in the architecture, design, development and security of systems. She was instrumental in setting up the Security Center of Excellence at Philips.

Previous
Data-First SSE to Secure Hybrid Workforce and Data Anywhere
Next
Where Hospitals Are Still More Cyber Reactive Than Proactive

About the Author

Rashmi Ramesh

Rashmi Ramesh

Assistant Editor, Global News Desk, ISMG

Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.



Around the Network

Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.