What Data Tells Us About Software Supply Chain Security & What To Do About It

2022-10-28

Authors: Eric Tice, Josh Bressers, Tracy Miranda, John Yeoh


Summary

Real-world data on software supply chain security can help organizations identify the most important actions to improve the security of their software. A panel of experts examines key data points from recent surveys and reports and provides actionable steps organizations and projects can take to secure their software supply chain.
  • Real-world data can help organizations decide where to focus and when to pivot
  • There is plenty of eye-opening data from surveys and reports on the security of cloud-native and open source software, as well as the security of the software supply chain as a whole
  • Identifying the most important actions to improve the security of open source projects or software applications is critical
  • A panel of experts examines key data points from recent surveys and reports and provides actionable steps organizations and projects can take to secure their software supply chain

The software supply chain is like doing construction work on your house. It involves all the code, mechanics, and processes that went into delivering the core piece of software. Software depends on a lot of other software, and it's important to know where that software comes from, how it was built, and how it was deployed. The risks are similar to those of a remodeling project: you have a contractor who needs keys and who brings in subcontractors, and keys go out to all of those subcontractors. It's important to know who they are, where they're from, and what materials they're bringing into your house. The same goes for the software supply chain: third-party software uses other third-party software, and the keys are all over the place.

Abstract

Getting real-world data can help you decide where to focus and when to pivot. And there is plenty of eye-opening data from surveys and reports on the security of cloud-native and open source software, as well as the security of the software supply chain as a whole. Often we read these headlines and move on to the next task on our list. But this critical data can help identify the most important actions we should take to improve the security of our open source project or software application. In this session, a panel of experts will examine a number of key data points from recent surveys and reports and provide immediate, actionable steps organizations and projects can take to improve the security of their software. Session attendees will gain insights that can be used to make a business case or to implement critical projects to secure their software supply chain.
