
125: Decoding SBOMs: Kyle McMillian on Cybersecurity and Supply Chain Transparency
From (CS)²AI Podcast Show: Control System Cyber Security by Derek Harp
January 28, 2025 · 27 min · Episode 125
About this episode
Derek Harp interviews Kyle McMillian about the significance of software bill of materials in cybersecurity and supply chain transparency.
Derek Harp welcomes Kyle McMillian , Product Security Officer at Siemens, to discuss the evolving landscape of software bill of materials (SBOMs) and their role in modern cybersecurity. Recorded live at Hack the Capitol 7.0 , this conversation unpacks the challenges and opportunities posed by SBOMs in an industry grappling with legacy systems and modern threats. Kyle dives into the origins of SBOMs, their role in addressing vulnerabilities like Log4J, and their potential to transform procurement, risk management, and incident response. He emphasizes the importance of balancing transparency with practicality, noting that SBOMs are a starting point for broader cybersecurity conversations. With his unique perspective from a leading equipment manufacturer, Kyle shares insights into how SBOMs can help bridge the gap between IT and OT systems. This episode is essential for anyone looking to understand the future of cybersecurity and the critical role of SBOMs in securing industrial control systems. Learn how these tools can foster trust, streamline risk management, and improve collaboration across the industry.
People in this episode
Host: Derek Harp
Guest: Kyle McMillian
Topics covered
- cybersecurity
- supply chain transparency
- software bill of materials
- risk management
- incident response
Keywords
- SBOM
- cybersecurity
- supply chain
- risk management
- incident response
- Log4J
- transparency
Mentioned in this episode
Organizations: Siemens
Products: software bill of materials (SBOMs)
More episodes of (CS)²AI Podcast Show: Control System Cyber Security
- 132: Solving Problems at Scale: Kenny Mesker on OT Cybersecurity Strategy, Risk, and Leadership · June 2, 2026 · 46 min
- 131: OT Monitoring & SOC and Incident Response — Lessons from the Field with Cambios Academy · February 4, 2026 · 43 min
- 130: S4’s “Connect” Theme Explained — Dale Peterson on OT Security’s Hyper-Connected Future · January 14, 2026 · 31 min
- 129: Why OT Cybersecurity Isn't a One-Tool Problem: Insights to be discussed at Level Zero · March 27, 2025 · 15 min
- 128: From the Pentagon to Public Safety: Lucian Niemeyer’s Mission to Secure OT · February 18, 2025 · 28 min
- 127: Unlocking the Power of Asset Inventory in OT Cybersecurity with Roya Gordon · February 11, 2025 · 24 min
Explore listener stats, chart rankings, contacts and more on the (CS)²AI Podcast Show: Control System Cyber Security podcast page.