Dick Brooks is a Co-Founder of Business Cyber Guardian™, a prolific software engineer and the inventor of patent 11,374,961: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™) cyber risk detection solution, the SAGScore™ software product trust score and the SAG-CTR™ Software Assurance Guardian Community Trust Registry™ listing trusted software products. SAG methods apply a "Left of Bang" proactive approach to help software consumers (before buying a product) with software product and supply chain risk assessments to validate products for key CISA "Secure by Design" principles and practices and Software Assurance best practices following NASA's comprehensive software supply chain risk assessment process (C-SCRM), adhering to the NIST Cybersecurity Framework and NIST SP 800-161r1, and OMB M-22-18 NIST Guidance for Executive Order 14028 implementation. SAG-PM™ provides full support for the NTIA supported SBOM formats, SPDX and CycloneDX needed to meet the May 12 Cybersecurity Executive Order and OMB M-22-18 requirements for SBOM for both software vendors and software consumers and open-source vulnerability disclosure reporting using CycloneDX VDR and the open-source SBOM Vulnerability Disclosure Report (SBOM VDR) formats.
I'm frequently asked, what does Business Cyber Guardian™ (BCG) do? Here is my concise answer.
Lead Software Engineer for Business Cyber Guardian™ (BCG) Software Assurance Guardian™ (SAG™) Point Man™ (SAG-PM™) software to help Officers and Directors of public companies satisfy SEC cybersecurity regulations (17 CFR 229.106) and protect critical infrastructure from harmful software objects, in accordance with FERC Order 850 and NERC CIP-010-3, R1, Part 1.6 Software Integrity and Authenticity Verification by applying NIST Cybersecurity Framework V1.1 best practices for risk assessment and management following NIST C-SCRM Guidance SP 800-161r1for Executive Order 14028 and SEC cybersecurity regulations (17 CFR 229.106) ; SAG-PM™ Description
Committed to #girldads unite to #breakthebias, an initiative to support more women in the cybersecurity work force. Our daughters are depending on us to be part of the solution. I am an advocate for "Club House" thinking across the cybersecurity community where the best, most capable players are put on the field to stop the adversary from causing harm through cyber attacks; #42 is not just a number it's the very essence of Club House thinking!
Over 40 years developing software products and solutions in the Energy industry with 14 years working at ISO New England building the ISO's Business Intelligence and Data Analytics platforms and Enterprise Architecture; Software Architect for ISO New England's Forward Capacity Market Clearing Engine. Software Architect for the "Always on Capacity Exchange" solution for wholesale capacity market reforms, now under consideration by NEPOOL. The AOCE capacity market design concept was presented to PJM on June 1, 2023. Extensive experience leading technical teams in the design and development of Advanced Data Analytic platforms used in Risk Management, Market Monitoring, data mining and operational support within the Energy industry. This experience has resulted in a comprehensive understanding of ISO New England’s applications and data, across markets (DA/RT, FCM, FTR and Reserves) and functions (System Planning, Settlements, Risk Management, Market Monitoring and Cybersecurity/PKI). Experience with other US utilities and RTO's (ERCOT) and the European Energy Markets having worked with EirGrid, the ISO for Ireland.
Successful developer of Energy Industry B2B and Cyber security standards at North American Energy Standards Board (NAESB) (www.naesb.org) since 1995, for Electric and Gas Regulations adopted by FERC; ANSI Meritorious Service Award Recipient; https://www.naesb.org//pdf/082801pr.pdf
Additional information available at http://www.reliableenergyanalytics.com