Software supply chain: Any company that uses third-party software in its products needs to have a formal program to ensure that the software is developed using a secure development life cycle that includes security testing throughout the development process. In addition, technology should be used to ensure the security of open-source software used in all products. The recent Executive Order requires this for any product used by the U.S. government, but hopefully this will become standard practice globally.
Manufacturing supply chain: Manufacturing was the top sector hit by ransomware attacks in 2020, including small and medium suppliers in the manufacturing supply chain. It is important that companies confirm that the security posture of their critical suppliers is sufficiently resilient against ransomware attacks.
SC Media Editor in Chief Jill Aitoro has 20 years of experience editing and reporting on technology, business and policy. She also serves as editorial director at SC Media’s parent company, CyberRisk Alliance. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.