The Rework Expertise Summits begin October thirteenth with Low-Code/No Code: Enabling Enterprise Agility. Register now!
Executives from the boardroom and the C-suite are realizing the damaging impact software supply chain attacks can have on their organizations, however they aren’t taking motion. Based on a latest report from Venafi, senior IT executives agree (97%) that software program construct processes are not secure enough, but there’s a disconnect in terms of which workforce is liable for driving safety modifications… 61% of executives mentioned IT safety groups ought to be liable for software program safety, whereas 31% mentioned improvement groups ought to be.
This lack of consensus is hindering efforts to enhance the safety of software program construct and distribution environments and exposing each firm that buys industrial software program to SolarWinds-style provide chain assaults. On the identical time, safety groups, who’re strapped for price range and assets, hardly ever have visibility or management into the safety controls in software program improvement environments. To make issues worse, there isn’t any normal framework that may assist them consider the safety of the software program they use.
The survey additionally discovered that 94% of executives consider there ought to be clear penalties for software program distributors that fail to protect the integrity of their software build pipelines. These penalties may very well be penalties resembling fines and better authorized legal responsibility for firms confirmed to be negligent. It might sound shocking that executives are encouraging such a observe, however they perceive that clear penalties will drive software program distributors to shift away from the ‘construct quick, repair safety later’ mentality that leaves their prospects and companions in danger.
Venafi’s survey evaluated the opinions of greater than 1,000 IT and improvement professionals, together with 193 executives with accountability for each safety and software program improvement, and revealed a obtrusive disconnect between govt concern about software program provide chain safety and govt motion.
Learn the full report by Venafi.
VentureBeat’s mission is to be a digital city sq. for technical decision-makers to achieve information about transformative expertise and transact.
Our website delivers important data on information applied sciences and methods to information you as you lead your organizations. We invite you to develop into a member of our group, to entry:
- up-to-date data on the topics of curiosity to you
- our newsletters
- gated thought-leader content material and discounted entry to our prized occasions, resembling Transform 2021: Learn More
- networking options, and extra