Articles about Supply chain

New AI approach aims to cut disruption from data interchange errors

Electronic data interchange (EDI) is the lifeblood of modern business, but even a small error -- a connection failure, data quality issue, transformation failure, or data transmission issue, for example -- can rapidly cascade, generating hundreds or even thousands of issues.

This can become a domino effect tipping over into longer root cause identification, inefficiency in managing a raft of open tickets, and a prolonged time to resolution. These factors can increase operational risk, leading to downstream supply chain issues that can jeopardize valuable business relationships.

Supply chain issues pose major risks to financial organizations

While banks and financial institutions generally have strong defenses, third-party vendors often lack the same levels of security, something that can offer attackers indirect access to the institutions they serve.

A new report from Black Kite examines the shifting landscape of cyber threats in the financial sector, highlighting the critical importance of understanding and mitigating the hidden dangers within the vendor ecosystem.

Open-source malware targets data exfiltration

Supply chain security company Sonatype has released the Q2 2025 edition of its Open Source Malware Index, uncovering 16,279 malicious open source packages across major ecosystems.

This brings the total number of open-source malware packages Sonatype has discovered to 845,204. Compared to the end of the same quarter last year, the total volume of malware logged by Sonatype has surged 188 percent, underscoring the growing sophistication and scale of attacks aimed at developers, software teams, and CI/CD pipelines.

Confidence in software supply chain security at odds with actual readiness

New research finds that 32 percent of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations. 68 percent are more realistic, noting they feel uncertain about achieving this near-impossible outcome.

The study from Lineaje, carried out among RSA attendees, also shows that while software bill of materials (SBOM) regulations and guidelines continue to increase, organizations vary in their level of adoption.

Docker introduces Hardened Images to boost supply chain security

Security of the enterprise software supply chain isn't solved with buzz or branding. It is solved with trust, scale, and seamless integration into real developer workflows.

To meet everyday software supply chain challenges Docker is launching Docker Hardened Images (DHI), a curated catalog of security-hardened, enterprise-grade container images.

AppSec is critical to software purchasing decisions

A new survey of 200 chief information security officers (CISOs) from across diverse industries and regions finds that 49 percent of CISOs say buyers now factor application security (AppSec) into their purchasing decisions.

The study from Checkmarx shows 24 percent say that application security is 'always' a factor in those decisions. This trend is most pronounced in Europe, where 58 percent of respondents report that security is always a factor, compared to 33 percent in the Asia Pacific region and only eight percent in North America.

Traditional vulnerability assessment falls short on third-party risks

As organizations increasingly rely on third-party vendors, open-source components, and cloud services to bolster efficiency and scalability, they also open themselves to risks.

Historically they've relied on CVSS scores to measure the severity of risks, but a new report from Black Kite suggests that this method alone is not enough.

Software supply chain threats increase in the AI era

Managing and securing the software supply chain end-to-end is vital for delivering trusted software releases.

But a new report from JFrog finds emerging software security threats, evolving DevOps risks and best practices, and potentially explosive security concerns in the AI era.

Supply chain resilience rated as highly as cybersecurity

A new study finds 83 percent of executives now rank supply chain resilience as being as critical as cybersecurity, and many are turning to technology to strengthen their operations.

The research from Cleo shows that to bolster resilience, 47 percent are considering artificial intelligence (AI), recognizing its potential to automate processes, predict disruptions, and enhance decision-making.

Vanta launches new features to boost compliance and trust

Trust management platform Vanta has announced a series of new features and capabilities to help security and GRC teams seamlessly collaborate across their organization and extended network.

With 65 percent of businesses reporting that customers, investors and suppliers increasingly require proof of compliance, maintaining a strong security posture is essential for growth and unlocking new market entry. Vanta's new features simplify delegation, improve contextual communication and ensure accountability, allowing businesses to use their network of employees, vendors, auditors and customers to maintain continuous compliance.

How GenAI is set to change procurement [Q&A]

In recent years generative AI has made its way into many areas of business, helping to transform and streamline processes. However, its potential in the procurement space remains relatively unexplored.

We talked to Kevin Frechette, CEO of Fairmarkit, to find out how enterprises can exploit GenAI to gain agility, efficiency, and smarter decision-making in their sourcing decisions.

Software supply chain attacks and how to deal with them [Q&A]

Increased use of open source and third-party code leaves organizations open to more attacks on the software supply chain.

Open source vulnerabilities have become a prime target for attackers and organizations need to strengthen their defenses. We spoke to Richard Clark, senior solutions architect at JFrog, to discuss the importance of proactive measures in protecting against these threats.

Is a lack of supply chain visibility undermining board-level confidence in cyber security programs?

As we head further into 2025, organizations must focus on bolstering operational resilience and addressing third-party risks, driven not only by commercial imperatives but also by new regulatory mandates. With the enactment of regulations such as NIS2 in late 2024 and DORA early this year, supply chain risk management is now a strategic necessity.

This means that third-party cyber risk management must become a strategic priority. However, according to BlueVoyant’s fifth annual Supply Chain Defence report, which examines fast-evolving supply ecosystems, many organizations don’t appear to be prioritizing supply chain cyber risk management, or are unaware of cyber security gaps in their supply chains.

CrowdStrike outage prompts businesses to overhaul supply chains

The CrowdStrike outage of July 2024 has triggered a major rethink of tech supply chains, as businesses around the world look to build IT resilience and minimize risk.

New research from Adaptavist shows that in the wake of the incident, which affected 8.5 million devices worldwide, there's a decisive shift in vendor relationships and a loss of confidence in traditional single-vendor approaches, with only 16.25 percent of respondents expressing satisfaction with their current providers.

Open source supply chain faces security issues

The open source software supply chain shows signs of 'AppSec exhaustion,' with organizations showing diminished engagement in security practices and struggling to meet vulnerability management goals, according to a new report.

The study from Snyk, based on a survey of 453 professionals across application development and security, shows that open-source security is more important than ever, as hackers have recognized the efficiency of targeting open-source software as a single entry point to multiple orgs.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
