The recent presidential Executive Order on Cybersecurity focuses on producing and consuming SBOMs (Software Bills of Materials). SBOMs are especially critical for a national digital infrastructure used within government agencies and in critical industries that present national security risks if penetrated. SBOMs improve understanding of the operational and cyber risks that software components carry from their originating supply chain; however, their use is not widespread.
The SBOM readiness survey is the Linux Foundation’s first project addressing how to secure the software supply chain. Software producers and consumers will be surveyed to better understand organizational approaches to software development, procurement, compliance, and, most important, security.
Key questions the survey will address include:
- How concerned is your organization about software security?
- How familiar is your organization with SBOMs?
- How ready is your organization to consume and produce SBOMs?
- What is your commitment to the timeline for addressing SBOMs?
- What benefits do you expect to derive from SBOMs?
- What concerns you about SBOMs?
- What capabilities are needed in SBOMs?
- What does your organization need to improve its SBOM operability?
- How important are SBOMs relative to other ways to secure the software supply chain?
Data from this survey will enable the development of a maturity model to establish the value of SBOMs within software supply chains over time. To take the 2021 SBOM Readiness Survey, click the button below.
After arriving at the survey landing page, you may also choose to submit your responses in German, Russian, French, Chinese, Japanese, or Korean.