Boards, CEOs demand software supply chain security improvements

2022-06-07 03:00

Adversaries, motivated by the success of high-profile software supply chain attacks on companies like SolarWinds and Kaseya, are stepping up attacks against software build and distribution environments.

"Digital transformation has made every business a software developer. And as a result, software development environments have become huge target for attackers," said Kevin Bocek, VP of threat intelligence and business development for Venafi.

In the push to innovate faster, the complexity of open source and the speed of development limit the efficacy of software supply chain security controls.

CIOs realize they need to improve software supply chain security.

56% are expanding their use of code signing, a key security control for software supply chains.

"CIOs realize they need to improve software supply chain security but it's extremely difficult to determine exactly where the risks are, which improvements provide the greatest increase in security, and how these changes reduce risk over time," continued Bocek.

News URL

https://www.helpnetsecurity.com/2022/06/07/software-supply-chains-cyberattacks/

#CEO #security #supplychain

News URL

Related news