Enterprise supply chain risks not being addressed

No Comments
supply chain

Although software supply chain breaches are increasing, a new study from JFrog finds that only 30 percent of respondents identified the need to address vulnerabilities in their software supply chain as a top security concern.

It also uncovers a disconnect between management and developers. 92 percent of executives claim their organizations possess tools to detect malicious open-source packages, while only 70 percent of developers think the same.

Over 90 percent of executives believe they are using ML models in their software applications, whereas only 63 percent of developers confirm that's the case. 88 percent of executives also believe that AI/ML tools are being used for security scanning and remediation processes, however only 60 percent of DevSecOps teams say they are actually using these tools.

The same is true of security scans, with 67 percent of executives believing code-level security scans are conducted regularly, but only 41 percent of developers confirm such is true.

"The complexity of today's software supply chain poses unprecedented risks. Despite executives' efforts to equip frontline teams with the right tools, developers are struggling to improve efficiency and accelerate productivity due to security tool sprawl, lengthy open source software approvals, audit and compliance checks," says Paul Davis, field CISO at JFrog. "This discrepancy highlights the urgency for organizations to rethink their security strategies and take a collaborative approach amongst executives and operational teams to effectively fortify their software supply chains."

The report highlights regional differences too, only 82 percent of EMEA respondents report using AI/ML models, in comparison to 91 percent in the US and 99 percent in Asia. 14 percent of EMEA respondents are unaware of tools for identifying malicious open-source packages, in contrast to lower rates in the US (nine percent) and Asia (one percent).

You can get the full report from the JFrog site.

Image credit: Chan2545/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

Are you ready for 6G? A breakthrough device just made it possible

What Apple iPhones are compatible with iOS 18?

Google Search now supports AVIF images

HYPER HyperJuice Qi2 chargers are ready for Apple iPhone 16

Donald Trump vs. Kamala Harris: Google ramps up efforts to protect Presidential Election integrity

Vulnerabilities surge by 43 percent over 2023

Best Windows apps this week

Most Commented Stories

Forget Windows 11, the stunning Windows 10 2024 Edition is the operating system you want

34 Comments

10 shocking reasons Windows 10 outshines Windows 11

22 Comments

Rectify11 update arrives to fix Windows 11 -- download it now

18 Comments

Microsoft releases the new Outlook for Windows for anyone who wants it, including commercial customers

15 Comments

Transform Microsoft Windows 11 into Windows 10

15 Comments

Microsoft is testing a change to the Windows 11 Start menu that you might actually like

14 Comments

Forget Microsoft Windows 11, the Chinese-made deepin Linux 23 is the operating system you really want

11 Comments

Goodbye Windows 11, hello Linux: Discover how ExTiX Deepin 24.8 can free your computer from Microsoft

11 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.