12 Tips for Building a Secure Software Supply Chain

Software supply chain attacks are becoming a common form of crime to illegally obtain business information. Some research data show that more than 90% of the underlying code of modern software systems are open source, which means that almost all software development and application there is a supply chain, including references to various components, and various links involved during the design, development, testing, deployment and maintenance of software, security vulnerabilities can arise at any time.

Because of the complexity of factors that can lead to security risks in the enterprise software supply chain, securing the software supply chain is not a purely technical issue, but rather a comprehensive consideration of people, processes and knowledge. Enterprise organizations need to think based on the full lifecycle of software applications when addressing software supply chain security, monitoring and protecting every aspect of it.

Recently, a number of security experts from Forbes Magazine’s Technology Council discussed how modern enterprise organizations can build a secure software supply chain and gave 12 practical suggestions for strengthening the security of software applications.

Develop a supply chain security plan, with CISOs in charge