Articles about Supply chain

Digital transformation is becoming integral to procurement success. In fact, 77 percent of companies have adopted peer-to-peer (P2P) and source-to-contract (S2C) systems. However, acknowledging the importance of digital transformation and taking full advantage of its benefits are two very different things.

Yes, procurement technologies can provide organizations with a competitive advantage and improve operational efficiency, but these benefits are only possible when there is a trusted supplier data foundation. Even as leaders look to digital technologies to accelerate their procurement processes, they run into a consistent and demoralizing roadblock: low-quality supplier data. Whether it’s inaccurate, piecemeal or missing, bad supplier data can lead to extensive time spent on manual outreach, a reliance on supplier portals and conflicting data sources -- ultimately hindering the progress of digital transformation.

Continue reading →

Securing the software supply chain presents many challenges. To make the process easier OX Security recently launched OX-GPT, a ChatGPT integration aimed specifically at improving software supply chain security.

We spoke to Neatsun Ziv, co-founder and CEO of OX Security, to discuss how AI can present developers with customized fix recommendations and cut and paste code fixes, allowing for quick remediation of critical security issues across the software supply chain.

Continue reading →

New research from Ivalua shows more than half (53 percent) of procurement and supplier management processes have yet to be digitized.

This is creating inefficiencies, with procurement teams estimating they are wasting 22 percent of their time each year dealing with paper-based or manual processes.

Continue reading →

Digital transformation doesn't just affect your own business, it has a major influence on your relationships with suppliers and partners too.

We talked to Dan Amzallag, COO at Ivalua, to discuss the impact of digital transformation on the supplier ecosystem and procurement processes.

Continue reading →

Managing third-party cybersecurity risk across inter-connected supplier ecosystems is becoming increasingly more daunting. Software and systems that used to be managed in-house are now routinely delivered as hosted services by multiple vendors and contractors. Other third parties frequently get brought in at departmental level, often bypassing contracting procedures, and have access to applications that hold sensitive data and business critical information.

A single mistake anywhere in the supply chain could result in data breaches, compliance fines, as well as revenue losses, reputational damage, and a wide range of negative business consequences for months, or even years, down the line.

Continue reading →

Concerns around supply chain security, partly driven by President Biden's Executive Order on Improving the US' Cybersecurity, are leading to increased adoption of software bills of materials (SBOM).

Research from Sonatype surveyed over 200 IT directors in the US and UK at businesses with over $50 million revenue and finds 76 percent of enterprises have adopted SBOMs since the order's introduction.

Continue reading →

Across the interconnected global economy, complex supply chains ensure the seamless flow of goods and services across every industry. However, as cyber threats continue to evolve, organizations throughout this ecosystem are, often unknowingly, being exposed to more and more security risks as a direct result of being part of the chain. This creates a range of critical challenges for organizations whose very existence is dependent on the reliability and integrity of their supply chains at all their various levels.

Understanding the various stages of contemporary supply chains -- from material sourcing to manufacturing, transportation, warehousing, and distribution -- is essential for identifying potential vulnerabilities, with each stage susceptible to different types of risks.

Continue reading →

The worldwide supply chain took a massive hit during the COVID-19 pandemic and has yet to recover fully. This pandemic compromised manufacturing and maritime shipping sectors, causing an unprecedented supply shortage in the 21st century. Store shelves were bare and many places could not access the essentials.

Although the situation has greatly improved in recent years, it’s still far from ideal. To this end, technology has been a boon to the wounded retail industry. New digital tools are helping the recovery effort by introducing innovative ways to buy and sell goods.

Continue reading →

Whether you're building software or building cars, all businesses rely on some sort of supply chain. For the business to run smoothly the supply chain needs to be as efficient as possible.

We spoke to Fabio Pascali, regional vice president of Cloudera, to find out more about how analytics can contribute to making the supply chain work more efficiently.

Continue reading →

New research reveals that CISOs are finding it increasingly difficult to keep their software secure as hybrid and multicloud environments become more complex, and teams continue to rely on manual processes that make it easier for vulnerabilities to slip into production.

The study from Dynatrace shows 68 percent of CISOs say vulnerability management is more difficult because the complexity of their software supply chain and cloud ecosystem has increased.

Continue reading →

Recent supply chain attacks such as SolarWinds, Log4j and 3CX have highlighted the need to protect the software supply chain as well as the potential consequences of failing to properly assess the integrity of software.

A new report from software supply chain security management company Lineaje looks at the composition of open-source software and assesses the risks associated with its usage.

Continue reading →

In recent years supply chain attacks have become much more commonplace, targeting vulnerabilities and getting legitimate apps to distribute malware.

We spoke to Nir Valtman, CEO and founder at Arnica, to discuss the issues these attacks raise and how organizations can defend against them.

Continue reading →

Complex software today includes components that rely on digital authentication credentials commonly referred to as secrets, which include tools such as login credentials, API tokens, and encryption keys. While critical for the software to function, managing secrets across every component of code is a challenge that can result in secrets being left vulnerable.

Supply chain security company ReversingLabs is launching a new secrets detection feature within its Software Supply Chain Security (SSCS) platform.

Continue reading →

The OWASP Foundation (Open Web Application Security Project) and IBM have today announced IBM’s contribution of two open source projects aimed at increasing trust across open hardware and software supply chains.

The two projects are SBOM Utility and License Scanner, which add to CycloneDX, a flagship OWASP project and a leading Bill of Materials (BOM) standard. These promote validation, content analysis and accuracy of software license information included within BOMs.

Continue reading →

In recent years, the software bill of materials (SBOM) has become a key element of software security and software supply chain risk management.

We spoke to Tim Mackey, head of software supply chain risk strategy at Synopsys to find out more about the benefits and challenges of SBOMs.

Continue reading →