Welcome to the new Energy Central — same great community, now with a smoother experience. To login, use your Energy Central email and reset your password.

Tom Alrich

Tom Alrich

Expert Member
Top Contributor

About

Member since
08/28/2018
Badges
Expert Member
Top Contributor
Bio

I provide consulting services in supply chain cybersecurity risk management, including CIP-013, software bills of materials (SBOMs) and VEX (Vulnerability Exploitability eXchange). I also lead the OWASP SBOM Forum.

I am also now providing advice to vendors of cloud-based services on working within the existing CIP standards, as well as preparing for the likely advent of a path to full NERC CIP compliance in the cloud.

I write a widely-followed blog which focuses on all of the above topics: https://tomalrichblog.blogspot.com/ .  My new book is "Introduction to SBOM and VEX".

Company
Tom Alrich LLC
Job title
Supply chain Cybersecurity and NERC CIP issues, including "CIP in the Cloud" and CIP-013
Date Joined
08/28/2018
Content Views
272,226