Digital signature flaws first reported on Energy Central now getting public attention

Energy Central has been discussing the risks and flawed beliefs with regard to digitally signed software packages. Now, public opinion is beginning to see these very issues, linked below, and are beginning to ask critical questions about the trustworthiness of digitally signed software. I believe these issues/flaws MUST be addressed in order to improve software supply chain security. Check out the on demand Energy Central Power Talk for insights into these issues.

#Energytwitter #cybersecurity @CISAgov @NISTcyber @NERCReliability @ENERGY This issue was reported to @NERC_Official in 2020 as flawed ERO endorsed guidance and has been written about on @EnergyCentral a power talk is also available on demand: https://t.co/3F9Dvo4qwz https://t.co/Ey60oMMQJc
— Richard (Dick) Brooks (@rjb4standards) February 13, 2022