PureOS Offers End-to-End Supply Chain Software and Firmware Security

According to the Forbes Article, “Cybersecurity Trends & Statistics for 2023”, there are eight macro risks to watch out for in 2023 according to the Bipartisan Policy Research Center which include the following:

  1. Evolving Geopolitical Environment- Supply chain threats due to the Russian Ukraine war.
  2. Accelerating Cyber Arms Race- Malicious actors use consumer tools & trickery to launch attacks.
  3. Global Economic Headwinds- Stock market & inflation pose risks to supply chains.
  4. Overlapping, Conflicting, and Subjective Regulations- Regulations centered on data privacy and breach disclosure laws.
  5. Lagging Corporate Governance- Companies fail to employ cybersecurity specialists in leadership positions.
  6. Lack of Investment, Preparedness, and Resilience- Companies fail to employ a plan to address a cybersecurity disaster.
  7. Vulnerable Infrastructure- Companies rely too heavily on state and local agencies, plus third-party vendors for cybersecurity regarding outdated code and legacy systems.
  8. Talent Scarcity- Shortage of qualified security personnel expose cyber risks that need to be addressed by qualified security professionals.

Relevant to the macro risks highlighted in the article, the 2022 IBM Breach Report states that over 90% of all breaches are related to insider errors and/or insider attacks, including those associated with the supply chain.

Gartner predicts that “by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.”

According to the 2022 IBM Breach Report, the average cost of a breach globally exceeds $4.5 million, in the U.S. a breach can exceed $10 million dollars.

However, there are a few low-cost best practices companies and government agencies can implement to eliminate or mitigate against such threats.

Make sure all open-source development is supported by a Software Bill of Materials (SBoM) according to the U.S. Security and Infrastructure Agency (CISA).

As a best practice associated with an enterprise strategy includes vetting U.S. based operating system, application, and software vendors to see which vendor can provide optimum security.

Additionally, U.S. based manufacturers of telecommunication devices, such as smartphones, and hardware such as PCs and servers also need to be vetted.

At Purism we are solving for threats associated with supply chain security by developing a secure OS, PureOS which is a 100% free operating system (OS) that supports smartphones, PCs, and servers manufactured by Purism.

The advantages PureOS offers includes the ability to audit the firmware and software to identify backdoors, malicious code, and security bugs.

Purism also offers a secure basic input output system (BIOS) by overwriting the original firmware with Purism’s own “Coreboot” for an added layer of security.

Purism supports “Reproducible Builds” a process that can prevent vulnerabilities or backdoors from being injected into the code during the compilation process allowing multiple parties to verify the code.

These are just a few of the unique security features that support PureOS.

Purism Products and Availability Chart

 ModelStatusLead Time 
USB Security Token Purism Librem KeyLibrem Key

(Made in USA)
In Stock
($59+)
10 days
Most Secure PC Purism Librem Mini
Librem MiniIn Stock
($799+)
10 days
Librem 5In Stock
($999+)
3GB/32GB
10 days
Purism Liberty Phone with Made in USA ElectronicsLiberty Phone
(Made in USA Electronics)
In Stock
($1,999+)
4GB/128GB
10 days
Librem 11In Stock
($999+)
8GB/1TB
10 days
Most Secure Laptop Purism Librem 14Librem 14New Orders Shipping in October
($1,370+)
6 weeks
Most Secure Server Purism Librem ServersLibrem ServerIn Stock
($2,999+)
10 days
The current product and shipping chart of Purism Librem products, updated on September 19th, 2023

Recent Posts

Related Content

Tags