Tom Alrich

VEXs and Supply Chain Cybersecurity with Tom Alrich

The Supply Chain Cybersecurity and SBOM thought leader shares his thoughts and insights

We sat down with the veteran consultant and blogger to learn from his vast experience about supply chain security, SBOMs, VEXs, and how they all tie together.

A few notes about the episode from our guest Tom Alrich

About Tom Alrich

Tom Alrich is a well-known independent consultant and blogger about supply chain cybersecurity and software bills of material, for electric power and other industries. Tom has consulted in these areas since 2008, working previously for Honeywell and Deloitte. Since 2018, Tom has been an independent consultant.

Tom has especially focused on software supply chain cybersecurity in the past two years and has been an active volunteer participant and group leader in both the NERC Supply Chain Working Group and the US government’s Software Component Transparency Initiative, formerly under the NTIA, but now under CISA. His widely-followed blog is called Tom Alrich’s Blog. Tom lives in Evanston, Illinois and has a BA in Economics from the University of Chicago.