Why BearingPoint is Driving Transparency for Risk Mitigation

BearingPoint is launching two new services to address software supply chain complexity.
As supply chains around the world are still facing the impact from last year's series of cyberattacks, BearingPoint is working to help manage risk and meet growing regulatory requirements.
Through this, companies will gain stronger transparency and resilience across their supply chains.
Compliance in an online era
In 2025, cyberattacks became a major issue for supply chains around the world, shutting down operations and leaking client information. With the growing reliance on technology and third-party vendors, the risk of attacks is at an all-time high.
However, BearingPoint, a management and technology consultancy, is launching two new services to help organisations gain transparency in order to mitigate risk. The company uses its industry expertise and AI focus to provide tailored and innovative solutions.
Its latest services are intended to address the growing complexity of software supply chains and the increasing regulatory requirements being introduced under the EU Cyber Resilience Act. The new solutions, SBOM Management Services and CRA Compliance Services, aim to act as foundations for secure and resilient operations.
Modern software is made up of thousands of components, many of which come from third-party suppliers. In order to stay resilient amid growing attacks and tightening regulations, organisations need a high level of supply chain visibility. Coming into full effect in December 2027, the EU Cyber Resilience Act requires manufacturers to show each part of their product and how risks are mitigated across the lifecycle.
This high degree of visibility requires accurate insights and supply chain transparency, which BearingPoint is aiming to address.
“The world around us is becoming increasingly digital, and every device we use today is built on software,” explains Frank Duscheck, Partner at BearingPoint.
"Open source is everywhere and a key driver of innovation. At the same time, the risk of cyberattacks and incompliance is growing, and the need for real cyber resilience is becoming critical.
With regulations such as the EU Cyber Resilience Act, this responsibility will soon be mandatory rather than optional. This is exactly where our new outcome‑based service comes in: we combine best‑of‑breed software with deep expert capabilities and take end‑to‑end responsibility for ensuring software compliance and security for our clients.
Not as a one‑off effort, but as a measurable, sustainable outcome."
Boosting transparency
BearingPoint's SBOM Management Services offer foundational visibility, covering the entire Software Bill of Materials (SBOM) lifecycle. The services span:
- strategy and readiness assessment
- generation and integration into development workflows
- quality assurance against industry standards
- vulnerability and license risk analytics
- governance and policy implementation
- supplier management
- audit-ready reporting
CRA Compliance Services ensures that this transparency evolves into regulatory conformity, rather than producing data that leads to no action points. It offers OSS inventory and risk assessment, cybersecurity policy development, vulnerability management, compliance documentation and targeted training.
“Once SBOMs become fully enforceable by the CRA, SBOM management is no longer a ‘nice to have’. In the light of the CRA’s lifecycle security and accountability requirements, SBOM management becomes the foundation for security by design, not just a compliance checkbox,” adds Claus-Peter Wiedemann, Director Software Services at BearingPoint.
"Companies that invest early turn regulatory pressure into a competitive advantage. Our new CRA Compliance and SBOM Management services are a powerful instrument for companies of any size to make their CRA compliance journey smooth, efficient and sustainable."
As companies look to stay resilient and compliant amid the rise of AI, they are turning to coherent tools that can ensure visibility and policy enforcement in one streamlined platform.


