Executives from the boardroom and the C-suite are realizing the damaging impact software supply chain attacks can have on their organizations, but they aren’t taking action. According to a recent report from Venafi, senior IT executives agree (97%) that software build processes are not secure enough, but there’s a disconnect when it comes to which team is responsible for driving security changes… 61% of executives said IT security teams should be responsible for software security, while 31% said development teams should be.
This lack of consensus is hindering efforts to improve the security of software build and distribution environments and exposing every company that buys commercial software to SolarWinds-style supply chain attacks. At the same time, security teams, who are strapped for budget and resources, rarely have visibility into or control over the security controls in software development environments. To make matters worse, there is no standard framework that would help them evaluate the security of the software they use.
The survey also found that 94% of executives believe there should be clear consequences for software vendors that fail to protect the integrity of their software build pipelines. These consequences could be penalties such as fines and greater legal liability for companies proven to be negligent. It may seem surprising that executives are encouraging such a practice, but they understand that clear consequences will force software vendors to shift away from the ‘build fast, fix security later’ mentality that leaves their customers and partners at risk.
Venafi’s survey evaluated the opinions of more than 1,000 IT and development professionals, including 193 executives with responsibility for both security and software development, and revealed a glaring disconnect between executive concern about software supply chain security and executive action.
Read the full report by Venafi.