Tom Alrich
Principal Consultant
Tom Alrich LLC
Tom Alrich is an independent consultant specializing in supply chain cybersecurity and NERC CIP-013 compliance. Tom has consulted in cybersecurity since 2001, working previously for Honeywell and Deloitte. He writes
Tom Alrich's Blog, which has a wide following and addresses topics regarding supply chain security for critical infrastructure and more recently software supply chain security.
Since 2020, Tom has actively participated in the efforts to define and implement software bills of materials (SBOMs) under the NTIA and now CISA. He founded the Energy Sector SBOM Proof of Concept under NTIA. In 2022, Tom founded the SBOM Forum, an informal group of SBOM industry leaders dedicated to identifying solutions to the problems currently inhibiting widespread use of SBOMs. The group has already outlined a substantial
solution to one of the most critical of those problems, the "naming problem".
Tom lives in Evanston, Illinois and has a BA in Economics from the University of Chicago.