EP 55 — BlackBerry's Christine Gadsby on What's Driving Software Supplier Transparency and Accountability

In this episode of the Future of Application Security, Harshil speaks with Christine Gadsby, VP, Product Security at BlackBerry, a software company specializing in cybersecurity. They discuss the new initiatives driving software transparency, like SBOMs and VEX, and how adoption will not only come from regulations but from companies holding their software suppliers more accountable. They also talk about the need for better telemetry practices and more connected tooling and how security professionals can get involved in industry change and mentorship.

Topics discussed:

• The important role frameworks like NIST 800-218 and CISA's Secure By Design will play in establishing standards.
• The ways in which SBOMs and VEX are driving software transparency that will keep customers safer.
• How commercial industries will increase their software supplier accountability in response to the rising cost of insecurity.
• How many companies lack knowledge about what's in the software they sell and the importance of having good telemetry practices.
• Why lack of good tools and the ability to connect tools is a challenge to product security today.
• Advice to security professionals about not letting things like SBOM and VEX get away from you as you prepare for the future of software development.
• How product security professionals can get involved with industry efforts to drive change.