If the UK Government gets its way, IT service vendors and other cloud-based service providers may soon be required to adopt new measures to strengthen their cybersecurity, amid rising concerns about supply chain risks. The Department for Digital, Culture, Media and Sport (DCMS) has floated plans to make mandatory compliance with the National Cyber Security Centre’s Cyber Assessment Framework, which provides guidance for organisations responsible for vitally important services and activities.

Supply chain logistics have been the backbone of global trade for hundreds of years. Extending the same concept, with the added digital components gives birth to supply chain cyber security risks. Supply chain cyber security is a topic that has come into the limelight for the last couple of years.

At SecurityScorecard, we believe that making the world a safer place means transforming how organizations view cybersecurity. For us, this means that companies must take a holistic approach, protecting systems not just from the inside, but also knowing what an organization’s vulnerabilities look like from the outside-in to see what the hackers are seeing.

The new threats in software development are not only related to the specific company itself. The whole software supply chain is a target for attackers and it is really important to make sure that we put all our effort into securing each link because if one fails, everything will be affected. Supply chain activities include each step of the transformation of raw materials, components, and resources into a completed product, and its delivery to the end customer.

Supply-chain attacks may not grab the headlines in the same way as ransomware or data breaches, but these sneaky cyberattacks are just as dangerous for your business.

82% of professionals believe that software supply chain security should be given a degree of priority, with only 7% stating that it is not a priority at all. This is one of the key findings from us Pulse survey of 298 senior technology executives from companies in North America, Europe, Africa, and Asia.

News reports on attacks on the “supply chain” are becoming an almost every-day occurrence. First there was SolarWinds, then Kayesa, followed by countless other large and small supply chain attacks. Global businesses, economies, and lives are intricately connected to each other through applications and the internet. When critical systems are attacked and operations are affected, the downstream problems quickly become apparent.

Every business has a supply chain. It can involve the linkage of materials, parts, products, services, processes, individuals, departments, organisations and companies. In fact, almost any key component of the business can be part of the supply chain. This makes fast, efficient and secure supply chain management essential for a successful, profitable enterprise; and yet there is a huge and variable array of disparate technologies supporting those key linkages.

Over the last year, many of us have been introduced to the term “Software Supply Chain”. For better or worse, it is now part of our defense vernacular and won’t be going away any time soon. If anything, it has consumed us in many ways and has been the cause of many nights of lost sleep. Well, that could just be us on the SURGe team here at Splunk.