
Software supply chain risk management tools for SBOM, CISA KEV, and SEC compliance.

Reliable Energy Analytics LLC (REA), now doing business as Business Cyber Guardian (BCG), is an American software engineering company based in Westfield, Massachusetts, focused on software supply chain cyber-risk detection and management. The company develops and markets two primary products under the Software Assurance Guardian (SAG) brand: SAG-PM and SAG-CTR.

SAG-PM is a patented (US11,374,961) software supply chain risk management (SCRM) application that implements a 7-step risk assessment process aligned with the NIST Cybersecurity Framework (CSF) and NIST SP 800-161. It supports Software Bill of Materials (SBOM) formats including CycloneDX and SPDX, and enables organizations to detect CISA Known Exploited Vulnerabilities (KEVs) before procuring or installing software products. SAG-PM targets organizations seeking to comply with SEC Cybersecurity Disclosure Regulations (17 CFR 229.106) and OMB M-22-18 secure software attestation requirements.

SAG-CTR is a trust registry product designed to preserve tamper-proof evidence of software supply chain risk management processes using a digital chain of custody protocol. It functions as a conceptual implementation of an IETF SCITT (Supply Chain Integrity, Transparency and Trust) Trust Registry, allowing parties to verify the trustworthiness of digital products.

The company provides consulting services to assist clients in implementing NIST C-SCRM solutions and complying with the CISA Secure Software Self-Attestation Form. BCG participates in policy discussions at CISA, NIST, the U.S. Department of Energy, NAESB, and the IETF SCITT working group. The company was co-founded in December 2018 by Dick and Joanne Brooks and is owner-backed rather than venture-capital funded.