Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

AppSec Decoded: A proactive approach to building trust in your software supply chain | Synopsys

In this episode of AppSec Decoded featuring Sammy Migues, principal scientist at Synopsys and coauthor of the BSIMM report, and Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center (CyRC), we discuss why the software supply chain is an inviting target for hackers and how companies can implement a proactive approach to software supply chain security with security activities that won’t slow down innovation.

Traditional Supply Chain vs. Digital Supply Chain

A supply chain is the ecosystem of processes, systems, and entities that work together to transform an idea into a final product and customer-ready offering. That lifecycle consists of multiple moving parts. As global supply chain complexity increases, organizations in every industry require robust and reliable supply chain management (SCM) tools, processes, and people. Coordination of the supply chain is critical for efficiency and optimization.

Effective software security activities for managing supply chain risks

BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks. As the global pandemic disrupted the way business is conducted, the workforce became more dispersed and moved far from the traditional secure enterprise environments.

SecurityScorecard Announces Plan to Train & Certify 25,000 Supply Chain Risk Professionals

Cybersecurity threats are on the rise. Over the past year, we’ve observed a 148% increase in ransomware attacks and an 85% increase in phishing attacks targeting remote users. Worse still, these attacks are growing increasingly sophisticated, with threat actors using eight or more vectors in the same attack, often deploying multiple vectors within minutes of one another.

The UK pushes for better supply chain cybersecurity

If the UK Government gets its way, IT service vendors and other cloud-based service providers may soon be required to adopt new measures to strengthen their cybersecurity, amid rising concerns about supply chain risks. The Department for Digital, Culture, Media and Sport (DCMS) has floated plans to make mandatory compliance with the National Cyber Security Centre’s Cyber Assessment Framework, which provides guidance for organisations responsible for vitally important services and activities.

Supply Chain Cybersecurity: Risk Management Best Practices

Supply chain logistics have been the backbone of global trade for hundreds of years. Extending the same concept, with the added digital components gives birth to supply chain cyber security risks. Supply chain cyber security is a topic that has come into the limelight for the last couple of years.

NIST Standards and Guidelines for Enhancing Software Supply Chain Security Include Security Ratings

At SecurityScorecard, we believe that making the world a safer place means transforming how organizations view cybersecurity. For us, this means that companies must take a holistic approach, protecting systems not just from the inside, but also knowing what an organization’s vulnerabilities look like from the outside-in to see what the hackers are seeing.

Secure software supply chain: why every link matters

The new threats in software development are not only related to the specific company itself. The whole software supply chain is a target for attackers and it is really important to make sure that we put all our effort into securing each link because if one fails, everything will be affected. Supply chain activities include each step of the transformation of raw materials, components, and resources into a completed product, and its delivery to the end customer.