Robert Wood: CMS to Adopt Security-Oriented Standard for Software Bill of Materials

1 min read
Robert Wood
Robert Wood CISO CMS

Robert Wood, chief information security officer at the Centers for Medicare and Medicaid Services (CMS), said that the CMS has started to lay the groundwork for how the agency incorporates a security-oriented software bill of materials into information systems, Nextgov reported Friday.

Wood told his audience at an Advanced Technology Academic Research Center-hosted event Thursday that adopting the CycloneDX model will support CMS' DevSecOps authorization and verification system, dubbed BatCAVE.

The object model covers an application's metadata, components, services, dependencies and compositions, according to the CycloneDX website.

CMS' move to implement the standard is part of its efforts to comply with a May cybersecurity order from the White House requiring a formal supply chain record of software parts from government suppliers.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Cybersecurity

The Ultimate Guide to Winning Government Contracts Let us show you how top executives are winning so you can replicate it